We just raised a $30M Series A: Read our story
2021-02-02T18:29:00Z

Vulnerability Management and Risk Management Integration

41

Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?

ITCS user
Guest
23 Answers

author avatar
User

Yes, take a look at DeepSurface. It’s designed to automate the process. 

2021-02-05T01:41:05Z
author avatarJairo Willian Pereira
Top 5LeaderboardReal User

@James Dirksen thanks, i'll check it.

author avatar
User

Clear use with the NIST compliance framework, Archer IRM 6.9.sp3.p2, use of pre-processing out of Archer and now integration with agnostic tools. 


FOSS or premium brands - all depends on your supply chain risk. 


Support for qualitative nice to get a bow-tie on when quantitative data works for you. Add your methods, AWARE, FAIR, COBIT, ATT&CK; all visuals.

2021-11-06T13:24:15Z
Find out what your peers are saying about Tenable Network Security, Rapid7, Morphisec and others in Vulnerability Management. Updated: November 2021.
552,407 professionals have used our research since 2012.