How Origami Risk tackled exposure risk with Vulcan Cyber
Discover how Origami Risk leveraged the Vulcan Cyber ExposureOSto enhance exposure management, optimize operations, and boost cross-functional collaboration to reduce critical risk across the organization.
Origami Risk is a leading provider of integrated cloud-based SaaS solutions for the risk and insurance industry. Based in Chicago, Illinois, the company serves hundreds of customers in over 10 countries.
The Origami Risk product security team utilizes various methods and tools for proactive remediation of security vulnerabilities; including multiple vulnerability scanners, secret scanning tools, SAST, DAST, threat modeling, internal and external penetration testing, SaaS scanners, and more.
In addition, they use Jira for collaborating with remediation owners across IT and engineeringdepartments.
They were looking for a solution that could offer seamless integration with their existing security tech stack and enable them to aggregate their siloed data and manage all vulnerabilities from one place.
Watch the full conversation >>
The challenge
With no efficient security program in place, Origami Riskstruggled to keep up with theirmassive vulnerability backlog. Their scattered portfolio of scanners and security tools generated plenty of findings, but also a great deal of noise, leading to duplications and data silos that limited their ability to prioritize vulnerabilities based on actual business risk.
This siloed approach led to time-consuming manual work of identifying and prioritizing vulnerabilities from dozens of different sources, resulting in misallocatedefforts and increased time-to-remediation.
Data silos hinder the remediation process
Lastly, using siloed data from different tools made it difficult to track progress and communicate risk to relevant stakeholders and leadership, blocking proper resource allocation and buy-in from the rest of the organization.
Ultimately, Origami Risk faced four major challenges:
Fragmented and duplicated security data
Inefficient vulnerability management processes
Arbitrary risk scores that didn’t reflect actual business risk
Difficulty providing analytics and metrics to stakeholders and leadership.
To overcome these challenges, Origami Risk turned to Vulcan Cyber to implement a comprehensive solution that streamlined their security operations and enhanced their overall exposure risk management.
Origami Risk sought a solution that would enable them to manage all vulnerabilities from one place, facilitate contextualized prioritization, streamline remediation efforts, and provide comprehensive reports to communicate risk to various stakeholders.
Using off-the-shelf integrations, Origami Risk could rapidly connect to their existing security tools without any cumbersome customizations. This allowed the security team to consolidate their scattered security data into a unified platform, eliminating data silos and providing a clear view of their vulnerabilities and assets.
As a further measure to ensure data hygiene, Origami Risk used Vulcan Cyber to reduce data noise by:
Deduplicating assets from multiple sources
Clustering vulnerabilities to allow bulk actions
This approach eliminated redundant findings and made it easier to prioritize and act on critical risk.
For effective risk-based prioritization that would allow Origami Risk to focus on critical vulnerabilities first, Vulcan Cyber provided data enrichment and customized tagging capabilities, including:
Business impact based on organizational structures
In addition, to ensure that prioritized vulnerabilities are addressed swiftly and efficiently within the SLA, Vulcan Cyber streamlined the security team’s collaboration with remediation owners and automated the remediation process through:
Finally, Origami Risk could transform reporting and analytics from a cumbersome and time-consuming task into a simple and intuitive experience. With the click of a button, the security team could utilize ready-made reports tailored to different audiences and use cases to simplify communication and improve decision-making.
Overall, the solution delivered to Origami Risk allowed them to:
Set up a single source of truth for all security data
Establish a contextualized prioritization process based on business impact and threat intelligence
Facilitate better collaboration with remediation owners within the SLA
Enhance their risk reporting capabilities
With these capabilities in place, Origami Risk was well-equipped to tackle their security challenges head-on.
The results
One of the greatest advantages of implementing the Vulcan Cyber ExpousreOS, is having all data consolidated on a single platform, and relieving the team of having to juggle between dozens of separate security systems.
This data hygiene, together with relevant data enrichment, has transformed Origami Risk’s prioritization process, allowing them to allocate resources properly and ensure critical risks are mitigated in time.
Collaboration with remediation owners has also been streamlined thanks to automated campaigns integrated with Jira, and full remediation guidance and context.
Key results:
Streamlined security operations
Reduced MTTR
Improved cross-functional collaboration
Better security posture
Last but not least, Origami Risk saw a significant ROI from the Vulcan Cyber reporting capabilities. Ready-made reports covering consolidated data from across attack surfaces allowed the security team to get a real-time view of their security posture, track their security programs, and efficiently communicate risk across – and outside – the organization.
Some of their most utilized reports include:
CISO leadership report – providing an accurate snapshot of everything at once.
SLA report – tracking SLAs to ensure timely remediation.
Exposure report – keeping up with the organization’s risk exposure based on threat intelligence.
Next steps
Going forward, Origami Risk are looking forward to enhancing theirreporting capabilities even further with custom reports for specific teams, and utilizing the risk acceptance feature to accept non-critical risk and focus their remediation efforts where they are truly needed.
Want to learn more?
Explore how the Vulcan Cyber ExposureOS can help your organization enhance its exposure management program and keep your critical assets secure. Book a demohere.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget.
Viverra magna ac nunc augue posuere id suscipit et.
Mauris id nulla amet ut lectus. Sociis est sit habitant aliquam rutrum in ultrices. Est egestas
bibendum pellentesque adipiscing. Iaculis mauris justo blandit viverra mauris, nunc. Faucibus ac
lorem nibh eget dolor, rutrum ipsum. Nulla in neque porttitor viverra dolor amet at. Enim,
elementum, ultrices netus non egestas pretium condimentum. Malesuada maecenas vulputate interdum
suspendisse vestibulum purus sed in facilisis. Dignissim tellus dictum dictumst aliquam elit amet
orci.
Id cursus ipsum nibh vitae. Ut fringilla amet, amet, et non congue aliquam et tempor. Risus id
feugiat pretium porttitor augue eget auctor fusce. Auctor tortor massa orci vel nam id in sagittis,
in. Porta sit in elementum dictum fermentum, id. Bibendum molestie bibendum tincidunt nullam blandit
suscipit nisl, magna. Tortor vel elit ultrices pretium a sit rutrum.
Consequat tellus donec tortor et nibh at elementum adipiscing nisl
Et faucibus justo, quis mauris amet, in placerat.
Euismod auctor blandit ullamcorper ante sagittis, sodales risus bibendum. Turpis sed nunc nibh
adipiscing dis in sed. Amet non eros sed mi risus. Diam consequat vel, vitae, justo, ultrices.
Viverra nisl urna sed quam venenatis mauris rhoncus. Rhoncus libero sapien, at vitae sed viverra
lacus aenean. Et arcu vivamus eu imperdiet morbi turpis senectus. Orci, morbi sodales aliquam at
orci vestibulum phasellus. risus amet metus ultrices turpis ante. Sodales mollis donec lectus
eleifend etiam faucibus justo, aliquet. Elit, elementum diam aenean hac purus vitae sodales in. At
ut faucibus habitant posuere. Facilisi nibh posuere elit gravida molestie nulla.
Malesuada in sed ac quis egestas venenatis
1. Vitae, est, egestas ipsum
consectetur sodales ut ullamcorper. In amet mauris commodo aliquam ut. Orci varius rutrum fringilla
elementum lorem turpis pellentesque posuere tellus. Ipsum, viverra molestie lobortis nec cras
vestibulum vivamus nunc. Amet sollicitudin pharetra, ac, diam, donec ridiculus iaculis interdum.
Amet tincidunt fusce metus at. Risus viverra lobortis eu nunc in. Sed lorem non sit mauris elit.
Description for image
Et faucibus justo, quis mauris amet, in placerat
Euismod auctor blandit ullamcorper ante sagittis, sodales risus bibendum. Turpis sed nunc nibh
adipiscing dis in sed. Amet non eros sed mi risus. Diam consequat vel, vitae, justo, ultrices.
Viverra nisl urna sed quam venenatis mauris rhoncus. Rhoncus libero sapien, at vitae sed viverra lacus aenean. Et arcu vivamus eu imperdiet morbi turpis senectus. Orci, morbi sodales aliquam at orci Dui link luctus metus ultrices turpis ante. Sodales mollis donec lectus eleifend etiam faucibus justo, aliquet. Elit, elementum diam aenean hac purus vitae sodales in. At ut faucibus habitant posuere. Facilisi nibh posuere elit gravida molestie nulla.
Vulcan Cyber Benefits
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.
About Mandiant
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.
Challenge
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.
Solution
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.
Results
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.
Want to hear more?
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum
scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce
elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus
amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.