Vulnerability assessment and management is a critical piece in the cybersecurity program for any organization. Most organizations perform periodic vulnerability scans. However, traditional vulnerability scanning tools have largely resulted in a painful experience for customers. This is due to multiple reasons as below:

While customers have been largely unhappy with these tools, unfortunately there were no better options available then. ThreatWorx flips the model when it comes to asset discovery and scanning for vulnerabilities. This is facilitated using our open source discovery component called as TWIGS which stands for “ThreatWorx Information Gathering Script”. Here are the benefits of twigs:

To summarize twigs helps discover enough meta data about the asset and pushes it to the cloud. This meta data is used to perform a “virtual” vulnerability scan in the cloud. This is where it gets interesting – there is no scan happening on your devices on the network. Thus, your business infrastructure is not burdened with the scan at all. The “virtual vulnerability assessment” happens completely in ThreatWorx instance (which could be running in your cloud [Azure / AWS / GCP] or ThreatWorx cloud depending on your choice).

Last but not the least – once your assets are discovered, then those are proactively protected henceforth. Basically what this means is that after your assets are discovered, then ThreatWorx will automatically assess the impact of new vulnerabilities that surface (or vulnerabilities that are updated – say new exploit has been discovered) on your asset and flag any impacts of those vulnerabilities on your assets without the need for any scans. This helps eliminate the scanning burden and increases the productivity of security teams.

ThreatWorx can help revolutionize your vulnerability management program with its pro-active, continuous, no-scan, agent-less approach to vulnerability management.

Leave a Reply

Your email address will not be published. Required fields are marked *