PLATFORM - Vulnerability Management Process

The Power of DelveAI

Vulnerability Management Powered and Prioritized by DelveAI™

The following shows how DelveAI uses vulnerability management tools in each key element of the vulnerability management process.

Delve Asset Discovery
  • Automates asset discovery using AI algorithms and a self-improving expert system
  • The vulnerability management software sees and scans every asset across the network that might be exposed internally or externally
  • Includes devices, machines, servers, and web applications - eliminating the need for additional web application security testing products
See Everything

Delve Scanning & Identification
  • Automates scanning on every asset discovered across the network
  • Delve vulnerability management software autonomously scans all IT assets including devices, machines, servers, and web applications
  • Eliminates the need for other scanning tools
Scan Intelligently & Autonomously

Delve Vulnerability Prioritization
  • Machine Learning engine for false-positive pre-identification
  • Contextualized prioritization to understand what’s important
Intelligently Prioritize Risk

Delve Remediation Management
  • Delve also prioritizes the vulnerability remediation steps so organizations can remediate faster and more effectively
  • Delve’s risk-aware remediation recommender analyzes the actions that should be taken to reduce overall corporate risk and prioritizes next steps
  • The solution also organizes work into remediation packages for end users to drive operational efficiency
Remediate Faster

A comprehensive vulnerability management program should include the following elements:

  • Machine Discovery and Scanning
  • Web Application Discovery and Security Testing
  • Automated Prioritization
  • Intelligent Remediation Planning

For many enterprises today, the vulnerability management program team has to piece together multiple vulnerability management tools to build a comprehensive vulnerability management program. Not with Delve. Our complete solution not only eliminates the need to purchase, maintain, and combine multiple vulnerability management software products, but, more importantly, allows our AI engine to exploit data captured across all vulnerability management program elements. For example, because web application discovery and security testing is an integral part of our vulnerability management software, we use that data as part of our contextual vulnerability prioritization analysis. In short, the number of websites hosted on a given asset has a significant impact on the risk score of a vulnerability on that asset: the number of websites on a machine counts. A vulnerability-free asset hosting a website with an unpatched vulnerability changes the calculation of the risk profile of the asset, while the reverse is also true (a machine with a vulnerability hosting a clean website increases the risk of both the machine and the website).

Although the discovery and scanning elements of Delve’s vulnerability management software are unique in that their performance auto-improves as our ML engine collects and leverages data across our ecosystem, it’s Delve’s exclusive Contextual Prioritization that truly sets us apart from legacy vulnerability management software vendors.  Fully integrated within the Delve vulnerability management solution, Delve’s Contextual Prioritization is the only vulnerability prioritization that accounts for the vulnerability’s context on the network.

Delve’s AI engine consumes data around 3 dozen factors - internal and external - to risk-rank vulnerabilities on the network. Given its context sensitivity, Delve’s CPS (Contextual Prioritization Score) for a given vulnerability will not only vary from one network to another, but even from location to location on the same network.  Contextual Prioritization starts with the CVSS score, and the Delve CPS is progressively increased or decreased based on each of the 3 dozen factors mentioned previously. Analysis of actual customer data has demonstrated that the Contextual Prioritization process has reduced the number of critical vulnerabilities by a factor of 15 in some cases. For example, a vulnerability with a CVSS score of 10 (on a scale of 1 to 10 with ten being the most critical), after Contextual Prioritization processing, may be rescored to a 5 or 6, or even lower, meaning the vulnerability’s context in that specific location on the network - on that specific asset -  is a substantially lower risk to the enterprise than the generic CVSS score (which is rated independently of its network) would conclude. Fewer critical vulnerabilities means precious remediation resources are not wasted patching lower risk vulnerabilities and therefore maximum risk reduction is achieved for a given amount of remediation resources committed.

Perhaps more importantly, the opposite is true.  That is, a vulnerability scored low by the generic CVSS rating could, on a specific location in a specific network, represent a much higher risk to the organization.  Absent Contextual Prioritization, such a vulnerability would likely be deprioritized, and a critical exposure would go unpatched while less important vulnerability patching efforts consume precious remediation resources.

There are several scanning products on the market today that are very good at showing you all the many thousands of things that are broken.  Only automated, meaningful, intelligent prioritization can confidently tell you what you need to fix first. Delve’s Contextual Prioritization has been developed to do just that, filling a gap in vulnerability management software that has been sorely missing since the first vulnerability management tools were made available nearly two decades ago.