With a tidal wave of vulnerabilities out there and brand-new vulnerabilities popping up every day, security teams have a lot to deal with. Addressing every single vulnerability is nearly impossible, and prioritizing them is no easy task either, because it's difficult to focus effectively on the small number of vulnerabilities that matter most to your organization. Furthermore, the shift to hybrid work makes it harder to assess and prioritize vulnerabilities across your endpoints with traditional vulnerability scanners.
Kenna Security maps out the vulnerabilities in your environment and prioritizes the order in which you should address them based on a risk score. We're excited to announce that after Cisco acquired Kenna Security last year, we have recently launched an integration between Kenna and Cisco Secure Endpoint to add valuable vulnerability context into the endpoint.
With this initial integration, Secure Endpoint customers can now perform risk-based endpoint security. It enables customers to prioritize endpoint security and enhances threat investigation to accelerate incident response with three main use cases:
- Scannerless vulnerability visibility: In a hybrid work environment, it's increasingly difficult for traditional vulnerability scanners to account for all devices being used. Instead of relying on IP address scanning to identify vulnerabilities in an environment, you can now use the existing Secure Endpoint agent to get a complete picture of the vulnerabilities you need to triage.
- Risk-based vulnerability context: During incident response, customers now have an additional data point in the form of a Kenna risk score. For example, if a compromised endpoint has a risk score of 95+, there's a high likelihood that the attack vector relates to a vulnerability that Kenna has identified. This can dramatically speed up incident response by helping the responder focus on the right data.
- Accurate, actionable risk scores: Organizations often struggle to prioritize the right vulnerabilities since most risk scores such as Common Vulnerability Scoring System (CVSS) are static and lack important context. In contrast, the Kenna Risk Score is dynamic with rich context as it uses advanced data science techniques such as predictive modeling and machine learning to consider real-world threats. This enables you to understand the actual level of risk in your environment and allows you to effectively prioritize and remediate the most important vulnerabilities first.
How does the Kenna integration work?
The Kenna integration brings Kenna Risk Scores directly into your Secure Endpoint console. As an example of this integration, the computer in the screenshot below (Figure 1) has been assigned a Kenna Risk Score of 100.
Risk scores can be anywhere from 0 (lowest risk) to 100 (highest risk). The score is inferred based on the reported OS version, build, and revision update information, combined with threat intelligence on vulnerabilities from Kenna.
Clicking on the actual numeric score itself brings you to a page with a detailed listing of all vulnerabilities present on the endpoint (see Figure 2 below).
Each vulnerability has a risk score, an identifier, and a description that includes icons with more details based on vulnerability intelligence from Kenna:
- Active Internet Breach: This vulnerability is being exploited across active breaches on the Internet
- Easily Exploitable: This vulnerability is easy to exploit, with proof-of-concept code being potentially available
- Malware Exploitable: There is known malware exploiting this vulnerability
All of this information is extremely valuable context during an incident investigation. Exploiting vulnerabilities is one of the most common ways malicious actors carry out attacks, so by quickly understanding which vulnerabilities are present in the environment, incident responders have a much easier time homing in on how an attacker got into their organization.
Additionally, for vulnerabilities that currently have fixes available, clicking on the green "Fix Available" button on each vulnerability displays a box with links to the applicable patches, knowledge base articles, and other relevant information (see Figure 3 below). This gives analysts the information they need to efficiently act on an endpoint.
Who can access the Kenna integration?
Vulnerability information and Risk Scores from Kenna Security are now available in the Cisco Secure Endpoint console for:
- Windows 10 computers running Secure Endpoint Windows Connector version 7.5.3 and newer
- Customers with a Secure Endpoint Advantage or Premier tier license, including Secure Endpoint Pro
Most vulnerabilities in our customer base occur on Windows 10 workstations, so we decided to launch first with Windows 10 to deliver this integration faster. We plan on adding support for other Windows versions and operating systems such as Windows 11, Windows Server 2016, 2019, and 2022 in the near future.
We hope that you find this integration useful! This is the first of many steps that we're taking to incorporate vulnerability information from Kenna Security into Secure Endpoint, and we're excited to see what other use cases we can enable for our customers.
The Cisco Secure Choice Enterprise Agreement is a great way to adopt and experience the complete Secure Endpoint and Kenna technology stack. It provides instant cost savings, the freedom to grow, and you only pay for what you need.