Finserv

Gaining Greater Insight into Risks and Vulnerabilities

For Finserv, Balbix categorizes assets in real time, simplifies asset classification, prioritizes critical vulnerabilities, and offers a customized reporting dashboard.

The Requirements

Provide Visibility and Risk Context

Before deploying Balbix, this Finserv institution used third-party scanners and assessments for its vulnerability management program. However, the team was looking to increase the institution's cyber-resilience.

  • The team wanted a real-time view of their environment, including collecting and analyzing data using a continuous process.
  • They wanted to keep up with changes in asset inventory as network changes were being made.
  • They needed their risk ratings to reflect the business value of the underlying assets.
  • They needed vulnerability prioritization to become an automated process.
  • Most of all, they wanted to measure whether patching was successful.

“We knew that getting real-time visibility to asset changes and our risk posture would enhance our security program. We also wanted to measure the effectiveness of our patching strategy, and the accuracy of our inventory,” says the CISO. “Before Balbix, we could get answers to questions like: ‘Were we missing patches on critical systems? Why did our device count drop so much since the last scan?’ but it required some manual effort.”

The Path Forward

Risk-Based Vulnerability Management

The CISO and his team were in the process of evaluating several tools when they came across Balbix.

“I knew that Balbix would be great for our security stack during the demo and evaluation phases of our search. The dashboard gave me visibility over my entire network that I had never seen before,” he recalled. “The global risk insights was unique as well and I could see the same issue (missing patches, weak passwords, etc.) in different priority levels on the list, showing that Balbix was prioritizing fixes based on asset importance.”

Before Balbix, we were doing a good job on vulnerability management, but it was hard to measure and report on the current status. We knew we were making progress QoQ but didn’t have the metrics to support this. Balbix provided us with an unparalleled ability to communicate our progress and get support from others in the organization. I am now able to measure and showcase the performance of my awesome patch management team, all thanks to Balbix.

In addition, the CISO credits Balbix with a huge time savings for his team. For him, the biggest value-add that Balbix brings is “the ability to provide risk with context, which saves time in manual classification and calculations.”

The team uses Balbix as a single source of truth for exposure and to address any gaps in their overall security posture. They no longer have to look at three or four different tools to get this information.

Balbix is my go-to dashboard for any issue that comes up regarding our inventory, risk, or vulnerability state. I often use it to fact-check the other internal systems we use for patching and CMDB.

Balbix has also improved their ability to show progress on MTTP to management, a critical metric for the CISO’s vulnerability management program. “It was a little concerning at first to see red on some of our dashboard metrics, but because it allows us the laser focus we need to prioritize, our risk has steadily been decreasing as well as our mean-time-to-patch (MTTP),” he states. “Going forward, we’re going to start bringing other teams into the Balbix platform so we can better coordinate activities and ownership of issues.”