Karim Toubba, CEO of Kenna Security, stopped by the ESG studio to discuss SOAPA and its application to vulnerability management. In part 1 of our video, Karim and I discuss:
- The problem with vulnerability management. Vulnerability management is one of the most mature categories of cybersecurity technology, so I pressed Karim on why it applies to a new architecture like SOAPA. His response was intriguing – the issue is sorting through all the data, as enterprises are dealing with millions of vulnerabilities across a full technology stack from host systems to applications to cloud workloads. SOAPA and new types of data analytics can help organizations process and manage the data, making it more useful for decision making.
- How have organizations dealt with this situation in the past? Vulnerability management has always been centered around individual tools for vulnerability scanning, penetration testing, static/dynamic application testing, etc. Sophisticated security shops built infrastructure, wrote software, and placed all this data in a database while resource-constrained firms tried to manage this process using spreadsheets. Regardless of the method, however, growing data volumes are simply overwhelming organizations, resulting in a situation where it is extremely difficult to understand vulnerabilities, prioritize remediation actions, and mitigate risk. SOAPA (and Kenna Security) can help here.
- How Kenna Security aligns with the SOAPA model. The whole point of SOAPA is to collect, process, analyze, and act upon security data in a more efficient and effective manner, thus bolstering productivity and improving security. Kenna does this by normalizing data across a full stack of technologies (e.g., network, endpoint, application, cloud), comparing on-site vulnerability data with exploit intelligence, processing this data using machine learning algorithms, and then presenting decision makers with a succinct list of the highest priority vulnerabilities that need immediate attention. This allows CISOs to mitigate, manage, and track risk at a more granular level than they can today.
- The bridge between security and IT operations. Karim reminds us that security operations is a team effort between security and IT operations – security professionals find problems while IT operations staffers remediate them. Unfortunately, collaboration is often strained because each group has different priorities, tools, and objectives. By prioritizing vulnerabilities and calculating risk, Kenna applies a SOAPA model to help streamline vulnerability management/remediation processes, improve teamwork, and, most importantly, mitigate cyber-risks.
More soon in part 2 of my SOAPA video with Kenna Security. There are lots of other videos and SOAPA materials on the ESG website to peruse as well.