Security Compliance Monitoring

Automatically detect and report externally visible compliance issues

The continuing stream of high impact network breaches and ransomware attacks is a clear testament to the potential consequences of missing a single security patch. Vulnerability and patch management processes are now critically important for the sustained security of any organisation.

Gaining a real insight into the effectiveness of a vulnerability patch management process can be challenging. Internal tools can’t provide an accurate measure of external risk and the number and complexity of current vulnerabilities makes it difficult to accurately quantify any risks or gaps in an existing process.

Our patch monitoring service was designed to fulfil two critical requirements for organisations that already have an established vulnerability remediation and patch deployment process:

  • Provide an additional line of defence in case a critical security patch falls through the gaps.

  • Provide objective feedback for internal SLAs or KPIs on how well your existing processes are working.

Our standard Patch Compliance Monitoring service offering includes:

  • We will work with you to establish your expected SLA for patch deployment. This gives us a map of vulnerability severity and risk levels to your expected patch deployment time.

  • Our automated analysis tools will continually monitor your attack surface for any unpatched vulnerabilities. If we detect any vulnerabilities where the patch time has exceeded the agreed SLA we will notify you of the issue.

We can also provide a bolt-on vulnerability validation service. This adds an on-demand vulnerability validation step where we will examine externally reachable assets for instances of a specific vulnerability. Integrating this into your regular vulnerability management process adds an immediate external validation step for high risk vulnerabilities.

Our Internet wide data set provides a clear indication that many organisations are not effectively resolving known vulnerabilities, this service will help you to avoid being the next high profile victim.

To discus any specific requirements or to get a quote for your organisation, please get in touch.