A Michigan-based manufacturing firm struggled with addressing the risks associated with software vulnerabilities at facilities around the globe. As scanning operations ramped up, it was apparent that there just were not enough hours in the month to keep up with all the findings.
Using the TARA platform, the client gained insights to the riskiest vulnerabilities regardless of the ranking assigned by the scanning technology. Using a “typical” monthly scan result pulled from the client environment, 30,000 vulnerabilities represent a much different outcome when managed with TARA.
The outcome was startling, and the insights provided by TARA reduced mitigation workload by 97%… dramatically improving risk coverage. Another interesting revelation was the high percentage of Medium (CVSS) vulnerabilities that had high risk scores. Nearly 60% of the riskiest vulnerabilities were under a medium risk designation when ranked by the vulnerability scanner. On an average month, using the “Traditional” approach…55 of the riskiest vulnerabilities (medium) will never be reviewed or mitigated.
Reduction in Mitigation Workload
Riskiest Vulnerabilities Classified as Medium
Improvement in Risk Coverage over a Traditional Approach