Vulcan Cyber integrates with Microsoft’s threat & vulnerability management

Vulcan Cyber has integrated with Microsoft's threat and vulnerability management to give users greater clarity on the vulnerabilities affecting them most and the associated business risk. Here's what you need to know.

Derek Hays | February 02, 2022

For most organizations, vulnerability and cyber risk management are ineffective programs. Information overload, operating silos with limited communication and collaboration, slow and manual processes, and a lack of visibility into what is or isn’t working all combine to hold back necessary mitigation of cyber risk.

That’s why we are excited to announce a new integration between Microsoft threat and vulnerability management and the Vulcan Cyber© risk management platform. This integration gives customers deeper cyber risk awareness, better communication and collaboration between departments, and fast, efficient vulnerability and risk prioritization and mitigation capabilities. The partnership between Microsoft and Vulcan Cyber delivers:

  • Unified risk management
  • Accurate risk-based prioritization
  • Efficient vulnerability and risk management orchestration
  • Rapid time-to-value

Vulcan Cyber ingests asset information, vulnerability details, fix recommendations, and remediation options from Microsoft threat and vulnerability management. This data is aggregated and correlated against a wide range of relevant vulnerability and risk context, which comes from other Microsoft products (Azure, SCCM, Intune, etc.) and dozens of other sources, to automatically and intelligently prioritize which vulnerabilities to address first based on criticality to your business and the greatest impact to your organization’s security posture.

This integration draws on the combined power of Vulcan Cyber and Microsoft threat and vulnerability management to add greater vulnerability context to understand true risk, what to prioritize, and how to remediate. Automation is easy with additional integration with Microsoft Endpoint Manager and other patch management tools.

[Figure 1] This diagram shows how Vulcan Cyber integrates with Microsoft and other solutions to deliver end-to-end cyber risk management capabilities.


Once threat and vulnerability management is connected to Vulcan Cyber, the vulnerabilities it identifies are automatically analyzed and assigned a risk rating that incorporates context like threat severity, asset type, exploitability and other datapoints from potentially dozens of sources. This helps prioritize which CVEs need to be addressed first for the greatest impact to each organization’s unique requirements and specific security posture.

[Figure 2] A list of CVEs identified by Threat and Vulnerability Management and prioritized by Vulcan Cyber based on critical risk factors.


Users can then drill into the details of each vulnerability to see additional context about the actual risk associated with the specific CVE.

[Figure 3] Vulcan Cyber provides a detailed explanation of every CVE, with context extracted from threat and vulnerability management and dozens of other integrated data sources.


It’s not just about the vulnerability context. Vulcan Cyber also provides validated fixes, where to find them, and how they will impact overall business risk beyond the specific CVE. Integrations with patch management tools like Microsoft Endpoint Manager (or Chef, Puppet, Ansible, etc.) allow a user to take action to immediately fix a vulnerability from the same screen. This is true even when a different group is responsible for remediation and patch management. Vulcan Cyber lets you communicate and collaborate with those teams using their tools of choice, like Microsoft Teams, ServiceNow, Jira, etc.

[Figure 4] Vulcan Cyber delivers remediation advice provided by internal expert research and/or extracted from threat and vulnerability management and other integrated sources.

Vulcan Cyber can also drill down to show which CVEs are specifically impacting individual assets and their associated risk, allowing organizations to prioritize mitigation based on asset criticality and other relevant factors.

[Figure 5] An asset-centric view lists the CVEs impacting specific assets and the associated risk.


And finally, flexible analytics views show the complete vulnerability landscape with the ability to employ dynamic filters to focus on specific criteria, like vulnerability source. This provides both macro level and granular insights for greater organizational awareness of actual risk.

[Figure 6] One of many analytics views that show macro and granular views of an organization’s true vulnerability and risk landscape.


The threat and vulnerability management capabilities are part of Microsoft Defender for Endpoint and enable organizations to effectively identify, assess, and remediate endpoint weaknesses to reduce organizational risk.

Check out the step-by-step guide on how to set up and use the integration.

Try out the integration between Vulcan Cyber and Microsoft threat and vulnerability management with Vulcan Free.

We want to hear from you! If you have any suggestions, questions, or comments, please visit us on our Tech Community page.
