Synack’s Penetration Testing as a Service (PTaaS) platform now has an integration with Cisco Vulnerability Management (formerly Kenna.VM). Synack’s solution combines our platform with the expertise of our human-led security researchers, the Synack Red Team (SRT), to find the most critical exploitable vulnerabilities. Cisco Vulnerability Management ingests data from Synack and other security tools to provide a centralized view of risk, effective prioritization and efficient remediation.
Today’s organizations use multiple security tools, including scanners, endpoint detection, threat intelligence, security testing and cloud security to gather information on the security exposures their environments may be vulnerable to. Each type of tool provides different, yet valuable, insights into security risk. However, because these tools report their findings separately and in different ways, it’s difficult to search, correlate and prioritize which vulnerabilities are most critical and time-sensitive to remediate.
Cisco Vulnerability Management addresses this challenge by integrating with numerous security tools and threat intelligence feeds to gain a comprehensive view of threats, trends and risk profiles. Cisco Vulnerability Management provides a single source of data-verified truth, aligning security and IT, eliminating friction and freeing up resources, and intuitive risk scores that generate easy-to-understand reports. Advanced algorithms combined with internal and external intelligence offer recommended fixes that help remediate high-risk vulnerabilities before bad actors can mount an attack.
Synack’s PTaaS integration adds exploitable vulnerability findings, derived from the expertise of SRT testing, as a new and distinct data source to Cisco Vulnerability Management. Automated security data sources such as scanners, while valuable, don’t provide full insights into security exposure. Their results can be noisy because they don’t confirm which vulnerabilities might be thwarted by an environment’s security defenses. On the other hand, Synack PTaaS testing of critical assets confirms which vulnerabilities are exploitable by bad actors, along with a detailed analysis of attack methods and recommendations to remediate security gaps. Synack PTaaS also offers patch verification to confirm that security gaps have been closed. Unlike traditional and static penetration testing, Synack PTaaS can be run continuously to test for the latest threats.
The combination of Cisco Vulnerability Management and Synack PTaaS reduces overall risk, while improving security operations efficiency. Joint customers can obtain the Synack Connector for Cisco Vulnerability Management here.
About Synack
Synack’s Penetration Testing as a Service platform manages customers’ attack surfaces by discovering new assets, pentesting for critical vulnerabilities and gaining visibility into the root causes of security risks. We are committed to making the world more secure by harnessing a talented, vetted community of security researchers to deliver continuous penetration testing and vulnerability management, with actionable results. Synack’s PTaaS platform has uncovered more than 83,500 exploitable vulnerabilities to date. If you’re interested in scheduling a demo with a Synack representative, please visit www.synack.com/demo.
