Late 1990s and Early 2000s
Scan and Patch It
Without a doubt, deploying VM scanners worked successfully to identify and report on vulnerabilities across enterprises. While mostly a manual process, SecOps teams could handle the required assessment workload with this tedious “find it, patch it” approach. However, as networks expanded, VM scanners would slow network traffic and critical applications (e.g., VoIP) due to high utilization. Soon, VM scanning became a necessary evil that was scheduled at select times so as not to hinder network throughput and business productivity.
A Decade Ago – 2010s
Automation and Rating Tools
With the ongoing goal of ‘continuous visibility’ and fast remediation, VM systems evolved beyond scanning appliances and objective CVSS-based ratings. Vulnerability Management platforms implemented more automation of threat detection and remediation capabilities to expedite incident resolution and scale to support large, expanding enterprises. To save time and money, VM systems provided automated playbooks and workflow presets to increase efficiency and reduce human error, while some VM systems added more vulnerability rating tools beyond just CVSS. However, with the adoption of cloud services, the attack surface expanded, the number of vulnerabilities increased exponentially, and security teams were, once again, overwhelmed as not all incidents could be readily addressed and prioritized. A new approach was again needed.
Today – 2020s
The Rise of Risk-based Vulnerability Management
Without question, risk-based prioritization is essential for modern vulnerability management. Still based on a continuous visibility foundation, advanced vulnerability management solutions utilize multiple techniques to discover and assess the more transient devices and systems in today’s dynamic cloud and mobile environments. Up-to-the-minute inventory discovery and assessment is essential as services and users come and go on the network.
One of the most significant advancements in VM systems is the fact that modern security solutions now rely on advanced vulnerability and threat intelligence to discover and assess new cloud services and mobile devices. This intelligence is coupled with risk-rating tools to prioritize threats and exposures more accurately to address the most business-critical vulnerabilities first, providing prioritized remediation efforts. The most effective Risk-based Vulnerability Management (RBVM) solutions combine multiple rating systems while analyzing and mitigating known and unknown threats based on true business risk vs. just incident severity level.
Risk-Based Vulnerability Management
A Key Component of a Modern Vulnerability Management System
Edgescan’s Risk-based Vulnerability Management solution is a key component of its integrated security platform and a necessary tool for a modern vulnerability management system. It delivers validated vulnerability data and quickly rates the severity level of each exposure using a proprietary scoring process called EVSS (Edgescan Validated Security Score). The platform also uses these industry-established risk-rating systems:
CVSS — Common Vulnerability Scoring System
EPSS — Exploit Prediction Scoring System
CISA KEV — CISA Known Exploited Vulnerability
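As an added illustration (not from the original article, and not Edgescan's proprietary EVSS), the sketch below ranks the same findings by CVSS alone and by a combined policy that uses the three rating systems listed above. The findings, asset names, the `asset_criticality` field and the ordering rule are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    vuln_id: str            # placeholder ID, not a real CVE
    asset: str              # constructed asset name
    cvss: float             # CVSS base score, 0.0-10.0
    epss: float             # EPSS exploitation probability, 0.0-1.0
    in_kev: bool            # listed in the CISA KEV catalog
    asset_criticality: int  # assumed local rating, 1 (lab) to 5 (business-critical)

# Constructed sample findings for illustration only.
FINDINGS = [
    Finding("VULN-A", "intranet-wiki", 9.8, 0.02, False, 2),
    Finding("VULN-B", "payments-api", 7.5, 0.91, True, 5),
    Finding("VULN-C", "build-server", 8.8, 0.40, False, 4),
    Finding("VULN-D", "test-vm", 6.1, 0.03, False, 1),
    Finding("VULN-E", "vpn-gateway", 6.5, 0.12, True, 5),
]

def validate(f: Finding) -> Finding:
    """Reject out-of-range scores so bad feed data cannot skew the ranking."""
    if not 0.0 <= f.cvss <= 10.0:
        raise ValueError(f"{f.vuln_id}: CVSS out of range")
    if not 0.0 <= f.epss <= 1.0:
        raise ValueError(f"{f.vuln_id}: EPSS out of range")
    if f.asset_criticality not in range(1, 6):
        raise ValueError(f"{f.vuln_id}: criticality out of range")
    return f

def risk_key(f: Finding):
    # Assumed policy: known-exploited findings first, then
    # likelihood (EPSS) x severity (CVSS) x business impact.
    return (f.in_kev, f.epss * f.cvss * f.asset_criticality)

def rank_by_cvss(findings):
    ordered = sorted(map(validate, findings), key=lambda f: f.cvss, reverse=True)
    return [f.vuln_id for f in ordered]

def rank_by_risk(findings):
    ordered = sorted(map(validate, findings), key=risk_key, reverse=True)
    return [f.vuln_id for f in ordered]

if __name__ == "__main__":
    print("CVSS only :", rank_by_cvss(FINDINGS))
    print("Risk-based:", rank_by_risk(FINDINGS))
```

With this sample data, the CVSS 9.8 finding on a low-value wiki drops from first to fourth place once exploitation evidence and asset criticality are considered, while the two KEV-listed findings on business-critical assets move to the top.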
Edgescan is a full-stack platform that integrates RBVM software with four essential security technologies; these solutions include:
Penetration Testing as a Service (PTaaS)
External Attack Surface Management (EASM)
Application Security Testing (AST)
Web and API Security Testing
All these technologies utilize a common, extensive data lake and an integrated, intuitive user interface, advancing vulnerability intelligence and simplifying operations and training. The “full stack” intelligence we garner from the combination of these tools is unparalleled in the industry and helps our customers maintain a strong security posture through (once again) continuous visibility. Edgescan’s actionable, risk-rated vulnerability intelligence helps security teams ‘know where to focus first’, understand exposure details and risk levels, and accelerate response times.
Watch this platform overview video to learn more about how Edgescan can help your organization modernize its vulnerability management system and achieve continuous visibility and fast remediation, or request a personalized demo here.