Sevco Security, the provider of an asset intelligence platform, has announced the next stage in its ongoing commitment to secure modern enterprise attack surfaces. This latest stage builds on the company’s existing strengths, allowing it to proactively prioritise, automate and validate the resolution of exposure issues, according to a statement. These include software and environment vulnerabilities such as missing security tools and IT hygiene problems.
At its core, Sevco’s new platform seeks to ensure Chief Information Security Officers (CISOs) can fully understand all the cyber risks their organisations confront, thereby facilitating informed decision-making. The new approach moves beyond identifying only Common Vulnerabilities and Exposures (CVEs), helping CISOs monitor remediation of other vulnerabilities, driving accountability across the enterprise. As a result, organisations can make more informed business decisions.
The latest Sevco platform, with its comprehensive inventory of assets and newly integrated exposure management capabilities, is designed specifically to offer the essential insights required to comprehend, prioritise and rectify vulnerabilities across an enterprise’s entire environment. Yet, the question of asset security creates a paradox of sorts: although CISOs are held accountable for the security of every enterprise network asset, they aren’t responsible for solutions providing an accurate inventory of those assets.
In addressing this issue, Sevco Security CEO and Co-founder J.J. Guy said his company was seeking to go beyond the degree of specificity provided by ‘Cyber Asset Attack Surface Management’ (CAASM). According to Guy, “As the industry’s first asset intelligence provider with the most accurate inventory, Sevco provides visibility across the vulnerability lifecycle. This is the next step in our mission to enable CISOs to mature security operations effortlessly.”
Sevco also marked a new phase in disclosure management. The updated capabilities centralise known exposure issues while uncovering previously unnoticed vulnerabilities. They also automate issue resolution and (in conjunction with a new remediation analytics dashboard) allow for real-time tracking of issues ranging from their surfacing through to their final resolution. This constant monitoring enables executives to achieve quantifiable insights into exposure remediation programmes, drawing attention to effective and ineffective areas.
The importance of these developments cannot be understated. As the CISO of Driven Brands, Kevin Morrison, noted, “A closed ticket doesn’t mean a vulnerability was actually fixed. Sevco surfaces those challenges, allowing teams to collaborate across departments to continuously improve our security posture and mature operations”.
Greater prioritisation of vulnerabilities requires a robust and trusted asset inventory. Sevco leads the way in this arena with its asset intelligence platform, highlighting missing tools as a serious exposure issue. The company’s research has shown that over 20% of enterprise devices are missing critical tools, emphasising that without an accurate asset inventory, vulnerability management programmes can run into severe difficulties.
Sevco extends this process by prioritising a range of vulnerabilities, including CVEs and environmental vulnerabilities like missing security controls, thereby ensuring a comprehensive overview of security issues. In parallel with vulnerability management programmes, Sevco assists CISOs in determining which vulnerabilities pose the greatest risk to enterprise operations.
The platform also helps unify disparate teams and tools, which often increase enterprise risk and hamper security maturity. Thanks to automated remediation, remediation validation and asset intelligence, Sevco allows for cross-departmental tracking of the remediation state over time, breaking down silos in the process.
Sevco Security will reveal Exposure Management, at the RSA Conference set to take place May 6-9, 2024 in San Francisco, California.
About Author
