PLATFORM - Vulnerability Management Process

The Power of DelveAI

Vulnerability Management Powered and Prioritized by DelveAI™

The following shows how DelveAI uses vulnerability management tools in each key element of the vulnerability management process.
Delve Asset Discovery
  • Automates asset discovery using AI algorithms and a self-improving expert system
  • The vulnerability management software sees and scans every asset across the network that might be exposed internally or externally
  • Includes devices, machines, servers, and web applications - eliminating the need for additional web application security testing products
  • SEE EVERYTHING
See Everything
Delve Scanning & Identification
  • Automates scanning on every asset discovered across the network
  • Delve vulnerability management software autonomously scans all IT assets including devices, machines, servers, and web applications
  • Eliminates the need for other scanning tools
  • SCAN INTELLIGENTLY & AUTONOMOUSLY
Scan Intelligently & Autonomously
Delve Vulnerability Prioritization
  • Machine Learning engine for false-positive pre-identification
  • Contextualized prioritization to understand what’s important
  • INTELLIGENTLY PRIORITIZE RISK
Intelligently Prioritize Risk
Delve Remediation Management
  • Delve also prioritizes the vulnerability remediation steps so organizations can remediate faster and more effectively
  • Delve’s risk-aware remediation recommender analyzes the actions that should be taken to reduce overall corporate risk and prioritizes next steps
  • The solution also organizes work into remediation packages for end users to drive operational efficiency
Remediate faster
quotes redorangecircle@2x

“Delve’s results are about 95% consistent with the pen testing we’ve done, so there’s no reason to pay for a pen test anymore...it’s a tremendously effective product.”

~ Network System Administrator

quotes redorangecircle@2x

“We like how the contextual prioritization allows us to work on what matters most...and the dashboard gives stakeholders what they want: where do we stand in vulnerability security relative to other companies…”

~ Head of Security

quotes redorangecircle@2x

“One of the things we liked about Delve was how easy it was to set-up and run versus another product we tried. Within the first day of using Delve, we had valuable, actionable data...and Delve’s contextual prioritization gives us the high value targets to go after first. Before Delve, our prioritization was very manual.”

~ Network Administrator

A comprehensive vulnerability management program should include the following elements:

  • Machine Discovery and Scanning
  • Web Application Discovery and Security Testing
  • Automated Prioritization
  • Intelligent Remediation Planning

For many enterprises today, their vulnerability management program team has to piece together multiple vulnerability management tools to build a comprehensive vulnerability management process.  Not with Delve. Our complete solution not only eliminates the need to purchase, maintain, and combine multiple vulnerability management software products, but, more importantly, allows our AI engine to exploit data captured across all vulnerability management program process steps.  For example, because web application discovery and security testing is an integral part of our vulnerability management software, we use that data as part of our contextual vulnerability prioritization analysis. In short, the number of websites hosted on a given asset has a significant impact on the risk score of a vulnerability on that asset... the number of websites on a machine counts.  A vulnerability-free asset hosting a website with an unpatched vulnerability changes the calculation of the risk profile of the asset, while the reverse is also true (a machine with a vulnerability hosting a clean website enhances the risk of both the machine and the website).

Although the discovery and scanning elements of Delve’s vulnerability management software are unique in that their performance auto-improves as our ML engine collects and leverages data across our ecosystem, it’s Delve’s exclusive Contextual Prioritization that truly sets us apart from legacy vulnerability management software vendors.  Fully integrated within the Delve vulnerability management solution, Delve’s Contextual Prioritization is the only vulnerability prioritization that accounts for the vulnerability’s context on the network.

Delve’s AI engine consumes data around 40+ factors - internal and external - to risk-rank vulnerabilities on the network. Given its context sensitivity, Delve’s CPS (Contextual Prioritization Score) for a given vulnerability will not only vary from one network to another, but even from location to location on the same network.  Contextual Prioritization starts with the CVSS score, and the Delve CPS is progressively increased or decreased based on each of the 3 dozen factors mentioned previously. Analysis of actual customer data has demonstrated that the Contextual Prioritization process has reduced the number of critical vulnerabilities by a factor of 15 in some cases. For example, a vulnerability with a CVSS score of 10 (on a scale of 1 to 10 with ten being the most critical), after Contextual Prioritization processing, may be rescored to a 5 or 6, or even lower, meaning the vulnerability’s context in that specific location on the network - on that specific asset -  is a substantially lower risk to the enterprise than the generic CVSS score (which is rated independently of its network) would conclude. Fewer critical vulnerabilities means precious remediation resources are not wasted patching lower risk vulnerabilities and therefore maximum risk reduction is achieved for a given amount of remediation resources committed.

Perhaps more importantly, the opposite is true.  That is, a vulnerability scored low by the generic CVSS rating could, on a specific location in a specific network, represent a much higher risk to the organization.  Absent Contextual Prioritization, such a vulnerability would likely be deprioritized, and a critical exposure would go unpatched while less important vulnerability patching efforts consume precious remediation resources.

There are several scanning products on the market today that are very good at showing you all the many thousands of things that are broken.  Only automated, meaningful, intelligent prioritization can confidently tell you what you need to fix first. Delve’s Contextual Prioritization has been developed to do just that, filling a gap in vulnerability management software that has been sorely missing since the first vulnerability management tools were made available nearly two decades ago.

There are multiple vulnerability process steps in the typical vulnerability management process, but none is more crucial than prioritization.  With tens or hundreds of thousands of vulnerabilities on the typical corporate network, it's nearly impossible to manually prioritize remediation tasks, so a meaningful, automated means of prioritizing vulnerabilities is essential to an effective vulnerability management process.  Moreover, to be confident in the prioritization results, the prioritization needs to be comprehensive, and based on more than just one or two factors. And, the prioritization must account for each individual vulnerability's context, from the asset on which it resides, to the part of the network housing the asset, to the organization itself, as well as the external threat environment. The calculation must be repeated multiple times daily, as internal and external factors are constantly changing. Finally, as the most important step in the vulnerability management process, the prioritization engine must rank vulnerabilities from 1 to n, not bundle them in groups. Remediation teams must be given a prescriptive list of tasks that will optimize risk reduction as part of vulnerability management process steps.

Delivering a robust prioritization element for the vulnerability management process that provides a meaningful, automated risk score for each vulnerability as described above is simply not possible without the use of artificial intelligence. Delve's AI engine powers all of the vulnerability management process steps, but it's value in the prioritization stage is irreplaceable. Delve's Contextual Prioritization accounts for 3 dozen factors for each of the thousands of vulnerabilities on the typical enterprise network, and revisits the calculated risk scores multiple times daily. The Delve AI engine also leverages anonymized data from other customers in the Delve cloud to arrive at the most informed, meaningful vulnerability risk score on the market, all without human intervention.