Automating Vulnerability Management
March 17, 2020
Delve’s modern vulnerability management solution minimizes the manual effort - and eliminates the guesswork - from conventional VM operations.
Unlike legacy VM products that have delivered precious little innovation in the past decade, Delve offers:
- A Fully Integrated, Comprehensive Solution
- An Automated, Configuration-Free Approach to VM
- Self-Learning, ML-driven Performance Improvement
- Built-in, Meaningful Contextual Prioritization
Fully Integrated, Comprehensive Solution
Delve’s solution includes the following elements of a complete VM program:
- Asset Discovery (Endpoints & Web Apps)
- Built-In, Outlier Asset Identification Using ML
- Machine and Connected Device Scanning
- Integrated Web Application Security Testing
- Delve’s Exclusive, ML-Driven, Contextual Prioritization
- Remediation Planning and Risk-Reduction Scenario Reporting
This holistic view of a network’s vulnerabilities across machines,
connected devices, and web applications allows Delve to deliver a significantly more meaningful risk score for each vulnerability, one that accounts for each vulnerability’s unique circumstances, surrounding environment, and operational context.
Automated, Configuration-Free Approach to VM
Existing VM products require substantial upfront configuration, as well as ongoing manual intervention. Since its founding, Delve’s corporate objective has been the automation of as much of the VM process as possible, providing customers substantial TCO savings in time and resources. Some examples of how Delve is removing the manual activity from traditional VM operations are included in the table below.
|Conventional VM Products||Delve|
|Identification of Business-Critical Assets||Manual||Automated|
|Remediation-Centric Vulnerability Grouping||Manual||Automated|
|One-off Scan Templates for New Critical Vulnerabilities||Manual||Automated|
|Thorough Web Asset Discovery||Manual||Automated|
|Scan & Discovery Schedule Handling
(blackouts, failures, etc)
|Continuously Tracking the Connection Between Web and
Self-Learning, ML-driven Performance Improvement
As a machine-learning (ML)-based platform, Delve is designed to improve its performance as it collects data. Further, as a SaaS platform, Delve can leverage data collected not just from Customer 1 for the benefit of Customer 1, but from all Delve customers using the product. So, Customer 1 benefits not only from the activities of Customer 1, but also from the activities of Customers 2, 3, 4...n.
Some examples of how the Delve platform self-improves vs traditional VM products’ fixed or static behavior are provided in the table below:
|Conventional VM Products||Delve|
|Prioritizing Vulnerabilities in Context||Not Available||ML-Based Improvement Over Time|
|False Positive Prediction/Detection||Manually Adjusted||ML-Based Improvement Over Time|
|Identification of Outlier Assets||Not Available||ML-Based Improvement Over Time|
|Identifying Predicted Remediation Timeframe for Specific Vulnerabilities||Manual||ML-Based Improvement Over Time|
|Prediction of Short-Term Exploit Publication||Partially Available||ML-Based Improvement Over Time|
Built-in, Meaningful Contextual Prioritization
Perhaps the most compelling element of Delve’s offering is its exclusive Contextual Prioritization. No other VM solution on the market delivers a prioritization capability that understands the asset’s operational context, accounts for the unique characteristics of the enterprise’s network, and yields a vulnerability risk score unique to each network...and even unique to the same vulnerability on different parts of the network. DelveAI™ leverages 3 dozen internal and external factors to yield a meaningful prioritized list of vulnerabilities, so your team knows what to fix first, and what can wait.
Delve’s Contextual Prioritization has been shown to reduce the number of critical vulnerabilities on some networks by a factor of 15. More importantly, however, Delve’s prioritization engine identifies seemingly low criticality vulnerabilities that are actually high priority, surfacing serious security issues that might otherwise be neglected.
An overview of the categories into which these 3 dozen factors fall is provided in the graphic below.
Vulnerability Risk Scoring Unique to Your Business