Home > Categories > Governance, Risk and Compliance > RiskSense Releases a Unified Infrastructure Security Risk Management Program

Software Category

Governance, Risk and Compliance

Write Review

RiskSense Releases a Unified Infrastructure Security Risk Management Program

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The platform harmonizes threat analysis, risk scoring, and prioritization of vulnerabilities across your entire network. The main draw of RiskSense’s program is its holistic risk calculation across Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) entries. This approach is in contrast to other risk management suites that often provide separate views of infrastructure and application vulnerabilities.

RiskSense is hoping to enable clients to assess their security risks holistically rather than in a piecemeal manner. This allows clients to decrease their exposure and consider the most cost-effective methods. RiskSense aggregates all of the data from multiple sources such as static and dynamic application security testing (SAST and DAST), open source software (OSS), containers, penetration tests, and bug bounty programs to achieve their holistic vision. This gives RiskSense users the ability to identify and fix vulnerabilities in their attack surface, however the construction of their code, or infrastructure point. With the OWASP top 10 and CWE top 25 most dangerous software errors presented to improve developer knowledge and productivity, RiskSense’s application boasts a well-informed and tactical approach to vulnerability management.

RiskSense’s newest solution is available immediately for public consumption.

Our Take

RiskSense takes the application data to include CVE and CWE considerations. When used in tandem with RiskSense’s Vulnerability Risk Rating (VRR) system, RiskSense delivers a high-fidelity risk prioritization option for enterprises. The RiskSense dashboard also gives developers and DevOps staff a global overview of vulnerabilities with additional drill-down functionality for even greater insight into the organization’s risk ecosystem. With interdisciplinary ticketing support for remediation assignment and step-by-step validation, RiskSense gives InfoSec teams the ability to know what to do next.

Want to Know More?

Prioritization to Prediction: Volume 5: In Search of Assets at Risk

Design and Implement a Vulnerability Management Program

Other Recent Research in Governance, Risk and Compliance

Governance, Risk and Compliance

Twilio Breach and Cloud Security

By exploiting a five-year-old configuration error, a hacker was able to access Amazon’s S3 cloud storage buckets on which Twilio’s code was loaded. As a result, customers were able to unknowingly download the modified code for twenty-four hours.

Governance, Risk and Compliance

Qualys and Ivanti Partnership Boasts an Incredibly Robust Vulnerability Management Platform

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Governance, Risk and Compliance

IBM Raises Price on Software Support; Shoves Customers Toward the Cloud

IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.