Challenges:
- To get rid of the tedious manual vulnerability assessment process.
- Manual scanning, assessing and assigning of vulnerabilities, and following up on fixes with the support groups.
Background:
The customer has 3 Vulnerability Assessment and Penetration Testing processes:
- Vulnerability Assessment: Vulnerabilities were scanned on the infrastructure through the Scanner and assigned to Support groups for fixing.
- Configuration Audit: Compliance was checked on the configuration items against a specific set of SCD Parameters by the Scanner, and non-compliant points were assigned to Support groups for fixing. For both VA and CA, manual spreadsheet-based dashboards were present.
- Application Security: Manual testing was done on various applications by the vendor team. The inventory was maintained on spreadsheets.
Solutions:
- CMDB build for the customer, with appropriate CI classes and attributes defined and relationship mapping between different CIs.
- Integration using the Tenable Connector to import the vulnerabilities scanned by Tenable directly into ServiceNow.
- API integration for fetching Configuration Audit non-compliance on Configuration Items from Tenable to ServiceNow.
- Vulnerable Item records are created automatically on ServiceNow and assigned directly to support groups for fixing, with a remediation target mapped.
- Vulnerable Items are grouped into Vulnerability Groups for bulk analysis and SLA tracking.
- Custom API integration to initiate a rescan of the fixed VIs to confirm vulnerability remediation.
- Automated Exception Process for seeking approvals created on ServiceNow, with notifications triggered to the stakeholders at different intervals.
- Real-time visibility into vulnerability remediation status and SLA tracking with dashboards.
- Performance Analytics dashboards were created, which help with trend analysis and provide real-time visibility.
Benefits:
- Creation of vulnerable item records relating to the CIs directly in ServiceNow.
- Eliminated inconsistency of information.
- 90% reduction in the time to assign Vulnerabilities automatically to the Support Groups.
- 30-40% reduction in the Mean Time to Remediate.
- Automated Remediation Scanning integration to verify and close the fixed vulnerabilities.
- Automated Exception process to seek sequential approvals, giving visibility into the level at which the Exception Review is pending.
- Real-time visibility to track the VI state, remediation targets and SLAs via dashboards.
Customer: Kotak
Industry: BFSI
Location: Noida, India
Employees: 1,000 to 5,000
Products: Vulnerability Response