Vulnerability management systems, solutions and tools for cyber security

The Vulnerability Management System (VMS) provides the ability to understand the hardware and software vulnerabilities within your organisation’s NETWORK.

The VMS system delivers an in depth vulnerability assessment of the hardware and software running on your devices. We map devices against systems, and systems against your organisation’s risk assessment matrix to produce a Network Vulnerability Baseline (NVB). This provides a comprehensive view of your asset, from a vulnerability, impact and associated risk perspective. The system then processes daily intelligence feeds from several industry leading sources against your NVB and alerts users of potential threats, the associated risks and recommended remediation activities.

View Case Study

Vulnerability Management

Learn More
Alert Engine

The Alert Engine is targeted at identifying vulnerabilities serious enough to warrant a Break Plan fix in an industrial environment. Threat Intelligence feeds from trusted third parties are matched to client software and hardware inventories to determine affected devices within each client.

RISK-BASED PRIORITISATION
The business impact of the vulnerability on each individual device is then assessed, based on the criticality of the system the device belongs to, whether the vulnerability could be exploited (based on the connectivity of the device and how the vulnerability actually works) and whether an exploit exists and has been used in the wild.

ALERTING
Our clients are then alerted to those vulnerabilities which are exploitable and exist within critical systems on their facilities. The affected devices are identified, including their physical locations and individual criticality to plant operation. This enables the client's ICS team to quickly evaluate the potential impacts and determine the appropriate responses.

Learn More
Attack Surface Engine

The Attack Surface Engine is targeted at quantifying all existing vulnerabilities on each device within our client's systems and identifying appropriate patching and remediation actions.

VULNERABILITY DETECTION
The Engine works by matching client inventory to the NIST National Vulnerability Database (NVD) CVE database. The Attack Surface Engine imports CVE's directly from NVD into an internal database so that queries remain within the Sapien system. Threat Actors cannot therefore use query traffic to infer client inventory.

REPORTING
The Attack Surface Report identifies each affected device and identifies every affected piece of hardware or software on that device and the latest security patch. If no patch is available, a mitigation recommendation may be provided.

This gives our clients the ability to prioritise existing issues, based on severity, for remediation during planned maintenance. By integrating this information with maintenance workpacks for their facilities, clients can steadily reduce the attack surface of their systems over time.

Learn More
Ingestion of cmdb & System Risk matrix

Sapien's Vulnerability Management system imports client CMDB and Risk Data on a regular basis in order to provide up to date vulnerability detection. The import can be done manually via CSV, or by a custom integration to client systems.

CMDB DATA
The CMDB data includes device information, hardware modules (for devices such as PLC’s), firmware or operating system and a full catalog of installed software on servers and PC's.

RISK DATA
Risk Data comprises Consequence and Likelihood information at a functional system level and identifies which devices belong to each system.

Consequence is measured by magnitude (customised to each client) and is categorised as Health and Safety, Financial, Legal (regulatory), Environmental, Cultural or Reputational. It may also vary depending on whether a vulnerability results in compromise or loss of functionality.

Likelihood is based on the connectivity of particular functional system. The more connected a system is, the more likely it is to be compromised.

Learn More
Alert Engine

The Alert Engine is targeted at identifying vulnerabilities serious enough to warrant a Break Plan fix in an industrial environment. Threat Intelligence feeds from trusted third parties are matched to client software and hardware inventories to determine affected devices within each client.

RISK-BASED PRIORITISATION
The business impact of the vulnerability on each individual device is then assessed, based on the criticality of the system the device belongs to, whether the vulnerability could be exploited (based on the connectivity of the device and how the vulnerability actually works) and whether an exploit exists and has been used in the wild.

ALERTING
Our clients are then alerted to those vulnerabilities which are exploitable and exist within critical systems on their facilities. The affected devices are identified, including their physical locations and individual criticality to plant operation. This enables the client's ICS team to quickly evaluate the potential impacts and determine the appropriate responses.

Learn More
Attack Surface Engine

The Attack Surface Engine is targeted at quantifying all existing vulnerabilities on each device within our client's systems and identifying appropriate patching and remediation actions.

VULNERABILITY DETECTION
The Engine works by matching client inventory to the NIST National Vulnerability Database (NVD) CVE database. The Attack Surface Engine imports CVE's directly from NVD into an internal database so that queries remain within the Sapien system. Threat Actors cannot therefore use query traffic to infer client inventory.

REPORTING
The Attack Surface Report identifies each affected device and identifies every affected piece of hardware or software on that device and the latest security patch. If no patch is available, a mitigation recommendation may be provided.

This gives our clients the ability to prioritise existing issues, based on severity, for remediation during planned maintenance. By integrating this information with maintenance workpacks for their facilities, clients can steadily reduce the attack surface of their systems over time.

Learn More
Ingestion of cmdb & System Risk matrix

Sapien's Vulnerability Management system imports client CMDB and Risk Data on a regular basis in order to provide up to date vulnerability detection. The import can be done manually via CSV, or by a custom integration to client systems.

CMDB DATA
The CMDB data includes device information, hardware modules (for devices such as PLC’s), firmware or operating system and a full catalog of installed software on servers and PC's.

RISK DATA
Risk Data comprises Consequence and Likelihood information at a functional system level and identifies which devices belong to each system.

Consequence is measured by magnitude (customised to each client) and is categorised as Health and Safety, Financial, Legal (regulatory), Environmental, Cultural or Reputational. It may also vary depending on whether a vulnerability results in compromise or loss of functionality.

Likelihood is based on the connectivity of particular functional system. The more connected a system is, the more likely it is to be compromised.