Challenges:

  • To get rid of the tedious manual vulnerability assessment process.
  • Manual scanning, assessing and assigning the vulnerabilities, and following up the fix of the vulnerabilities with the support groups.

Background:

Customer has 3 Vulnerability Assessment and Penetration Testing processes. Vulnerability Assessment: Vulnerabilities scanned on the Infrastructure through Scanner and assigned to Support groups for Fixing. Configuration Audit: Compliance is checked on the configuration items on a specific set of SCD Parameters by the Scanner and non-compliant points were assigned to Support groups for fixing. For both VA and CA, manual spreadsheets based dashboards was present. Application Security: Manual Testing done on various applications by vendor team. The Inventory was maintained on spreadsheets

Solutions:

  1. CMDB Build for the customer with appropriate CI classes and attributes defined and Relationship Mapping between different CIs.
  2. Integration done using the Tenable Connector to import the Vulnerabilities scanned by Tenable directly on ServiceNow.
  3. API Integration for fetching the Configuration Audit non compliance on Configuration Items from Tenable to ServiceNow.
  4. Automatic Vulnerable Items records are created on ServiceNow and assigned directly to support groups for fixing with a remediation target mapped.
  5. Vulnerable Items are grouped into Vulnerability Groups for bulk analysis and SLAs tracking.
  6. Custom APIs Integration to initiate the Rescan of the fixed VIs for confirming the Vulnerability Remediation.
  7. Automated Exception Process for seeking Approvals created on ServiceNow with notifications being triggered to the Stakeholders at different intervals.
  8. Real-time Visibility into the Vulnerability Remediation Status and SLA Tracking with Dashboards.
  9. Performance Analytics Dashboards were created which helps with Trend Analysis and provides the real time visibility.

Benefits:

  1. Creation of vulnerable item records relating to the Cis directly into ServiceNow.
  2. Eliminated inconsistency of information.
  3. 90% reduction in the time to assign Vulnerabilities automatically to the Support Groups.
  4. 30-40% reduction in the Mean Time to Remediate.
  5. Automated Remediation Scanning integration to verify and close the fixed vulnerabilities.
  6. Automated Exception process to seek sequential approvals thus giving visibility on what level the Exception Review is pending.
  7. Real Time visibility to track the VI State, Remediation Targets and SLAs via dashboards.
Benefits

Customer

Kotak

Industry

BFSI

Location

Noida, India

Employees

1,000 to 5,000

Products

Vulnerability Response