Skip to content

Trending tags

What to consider when choosing a vulnerability management vendor?

Noora Hyvärinen

12.02.17 3 min. read

Only a while ago, Gartner released their Market Guide for Vulnerability Assessment. It is not only a great primer to this crucial element of a holistic cyber security program, but we at F-Secure are proud to have been listed in it by Gartner as a vendor of vulnerability management technology and solutions, and therefore offer a complimentary copy of the Market Guide for you to get an authoritative update on the topic.

Let’s just go through a quick recap of the report, though, by revisiting what vulnerability assessment (VA) and management (VM) are all about, and what’s currently trending. As said, VM is in the core of information and business risk management. It is the process of identifying, assessing and remediating security threats and weaknesses in your organization’s network and web apps. In other words, predicting and mapping your IT assets’ attack surface and its vulnerabilities, and preventing and patching them, in order to ensure business continuity.

Considering a vulnerability management vendor? Check this must-have list first.

The bare minimum that vulnerability management vendors, such as F-Secure, provide should be capabilities to identify, categorize and manage vulnerabilities. These vulnerabilities include unsecure system configurations or missing security updates in your network-attached devices. Other common VM services have capabilities like discovering and identifying said network-attached IT assets, but especially reporting on the security configuration these assets have.

Understanding the state of your IT assets’ security configuration establish the baseline of their vulnerability conditions, including their applications and databases. Very importantly so, Gartner recommends to choose a vendor with VA technology that identifies and tracks changes in vulnerability states, producing IT managers with frequent reports to support specific compliance regimes, controlling frameworks and roles. Additionally, and unconditionally, you should look for a solution that supports risk assessment and remediation prioritization of vulnerabilities, their severity, asset criticality and prevalent threat.  These crucial VM technology features will support your organization security threat management and compliance.

VM is a foundational component of holistic cyber security

In their Market Guide, Gartner recommends to evaluate available vendor portfolio synergies. That is, some of the vendors also offer their VM solution as one component in a broader integrated portfolio. F-Secure too has a holistic approach to cyber security. Depending on your requirements, we combine technologies that provide a greater-than-the-sum security posture, and can also prove cost-effective when bundled.

To learn more about how to easily control and manage IT security risk, F-Secure Radar  that will help you identify and remediate vulnerabilities in any platform or web application. Or better yet, go ahead and register for a free trial

Gartner, Inc., Market Guide for Vulnerability Assessment, Oliver Rochford, Prateek Bhajanka, 05 December 2016.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Noora Hyvärinen

12.02.17 3 min. read


Related posts

Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.