Propellent

Vulnerability Management

Protect your environment and your reputation

Why do you need this?

Vulnerability Management is the bedrock activity that supports and informs all cyber and risk assessment activities.

This allows you to:

  • Understand your risk exposure 
  • Effectively prioritise your remediation activities
  • Track historical remediation progress
  • Enhance the chance of passing audits on the first attempt
  • Understand where you need to focus investment

Vulnerability Management Explained.

Vulnerability Management Explained.

Vulnerability Management allows you to determine what is on your network, what state it's in and who owns it.

Without this knowledge, creating an accurate risk model, understanding where to deploy often expensive and niche products and expertise and being able to articulate those needs to the business is all but impossible.

A successful vulnerability management programme should allow you to progress from a reactive state to a proactive state and finally to a predictive state where you are able to clearly understand the full spectrum of risks across your estate, how vulnerabilities / threats / assets relate to one another and how to clearly articulate both the value of your programme and the reduced risk to the business in language it understands.

Benefits

Know your assets, who owns them and what state they’re in. This is key to understanding risk in your environment.

Maybe you’re looking to pass an industry specific certification or a more general audit such as Cyber Essentials or ISO27001 or even just understand where you need to invest in your estate, our vulnerability scanning service can help you. 

  • Reduced risk of failing audits, knowing what’s on your network, what state it’s in and who controls it is essential to understanding your estate
  • Expert support from our team of experienced staff who have years of experience with planning and running vulnerability management programmes
  • Remediation prioritisation to help you target the most critical issues in your network via focussed, specific dashboarding, reporting and discussion
  • Acceleration of your risk reduction allowing you to gain clarity faster and understand your environment quicker

Description

As with every service we offer at Propellent, we begin with a discovery session.  This covers such topics as the range of networks you wish to include in scope, patching and scanning cycles, timings and impact assessment and much more. 

This is designed to help us gain an insight into your environment as quickly as possible and propose a plan that has the reach and sizing to ensure you’re covering your asset correctly with minimum impact to operations

All scanning is configured and conducted by our expert staff after discovery consultation with your business.  For customers opting for “with you” this will be done in conjunction with your people to enhance knowledge and increase skills across your organsation.  For customers choosing “for you” our experts will schedule regular meetings with the correct people in your organisation to ensure the targeted remediation data is with you in the shortest possible time. 

 This includes:

  • Detailed reports taking into account contextual awareness of your environment aimed at focussing remediation efforts on the top 10 / top 100 most critical assets in your environment
  • Regular feedback sessions where advice is shared, best practice re-inforced and suggestions for improvements in efficiency discussed

The service can be purchased in a variety of forms with us assisting or managing for you over a 12 month period or you can enjoy discounts for terms beyond 12 months.

Propellent offer three options

  • For You - Fully Managed Service
  • With You - Customer Upskill
  • By You - Customer Led

This approach is a fully managed service.

Propellent will assign technical and account resources and will own building and operating a fully managed solution on behalf of the customer.

With this approach, Propellent will, where appropriate, write or update policy, perform discovery workshop with customer, resulting in a technical implementation plan and deployment of the product.

Once commissioned, Propellent will operate the service for the customer, sharing the appropriate outputs needed for customer success.

Features of the service include:

  • Dedicated account manager
  • Report customisation
  • Report analysis outputs
  • Remedial action analysis
  • Maintain product currency
  • Integration into other tools

Included is software and license, planning and design, commissioning, knowledge transfer and an ongoing package of support.


Outcome

The end goal is to provide the customer with a hands off solution that provides them the outputs needed to succeed.

This approach is a middle ground between the Propellent fully managed service offering, and the Customer managing the tool.

With this approach, Propellent will bring customer staff along for the journey, upskilling and knowledge transferring to develop a strong in-house team.

Features of the service include:

  • Dedicated account manager
  • Training
  • Product support for installation and run

Included is software and license, planning and design, commissioning, knowledge transfer and an ongoing package of support.

Outcome

The end goal is to help the Customer to build a their own functional, fit for purpose vulnerability management programme, with guidance and support throughout the full product lifecycle.

This approach is a fully customer driven activity with Propellent providing licensing.

The customer owns the software and license, planning and design, commissioning, and all operational obligations.

If required Propellent can assist with consulting via our SkillFlex service.

Outcome

The customer has full ownership and accountability of all stages of their product implementation.
The end goal is the customer has full ownership and accountability of their own Vulnerability management programme, with the availability of expert backup and support.

Why Propellent?

Our name might be new, our experience is anything but.  Our experts have years of experience as consumers, advocates, technical experts and vendor direct experience in the field.  

We have helped everyone from small charities to FTSE100 companies understand and manage their risk and improve their security posture.  If you want to see how we can help accelerate your journey, get in contact today.