RiskSense Helps MSSPs Deliver Security as a ServiceBy Gina Roos | Posted 2017-02-17 Email Print
The Myths and Truths of Building a World-Class Cyber Defense REGISTER >
The latest platform release from RiskSense delivers security as a service that aligns a customer's vulnerability management priorities with the biggest threats.
RiskSense, a 2015 spinoff from the New Mexico Institute of Mining and Technology, launched the latest release of its cyber-risk management offering. RiskSense Platform 7.0 includes a Multi-Client Dashboard that enables managed security service providers (MSSPs) to deliver risk management offerings that align a customer's vulnerability management priorities with the biggest threats so they can focus on the most serious risks to their customers' business operations.
The platform focuses on the emerging market opportunity for MSSPs to deliver risk management as a service, which can help them differentiate their offerings in a highly fragmented market by changing the way they detect and manage cyber-risk for their customers.
The RiskSense solution augments an MSSP's existing service portfolio, which includes solutions such as managed firewall and email offerings, to address the customers' growing attack surface, said Torsten George, vice president of global marketing and products at RiskSense. "This enables MSSPs to contextualize internal security findings with external threat data to find true risk exposure," he added.
Customers are faced with several challenges. These include a lack of cyber-security talent, volumes of data from a variety of cyber-security products, a lack of context (understanding what threat intelligence feeds mean in context of their own internal findings), and defining patterns so they can take action before one of these challenges becomes a risk, George said.
Understand Risk Exposure Across Growing Attack Surface
The RiskSense Platform 7.0 works by addressing cyber-security gaps based on the risk they pose to a business or government organization. It automates the process of extracting actionable intelligence from all the data generated by a company's cyber-security products, including vulnerability scanners, threat intelligence feeds and other security systems. This allows enterprises to understand their particular cyber-risk exposure across a growing attack surface, and then orchestrate remediation and monitor the results, the company said.
Managed security services are outgrowing many traditional security technologies, including vulnerability assessment, threat management, and security information and event management (SIEM) products, according to George. Even when vulnerability assessment or SIEM systems are offered as a managed service, they still take a very traditional approach by looking at the user's network environment and considering only the internal security posture, he added.
"For MSSPs to break out of the traditional MSSP space, the RiskSense platform offers a risk-based approach to security that leverages not just the security findings from within the end user organization, but also overlaying that info with external threat data that we bring to the table, and then use machine-learning technology to analyze the data and correlate it with business criticality," George explained. "The outcome is a risk score both at the asset level and an organizational level."
MSSPs also can orchestrate remediation from the same platform, which helps them extend their revenue potential, he added.
A key feature of the RiskSense Platform 7.0 Multi-Client Dashboard is that it enables an MSSP to view overall metrics across multiple clients for benchmarking, orchestration of remediation actions and better resources allocation. In addition to monitoring a host of customer metrics, the platform also finds patterns to provide insight into the top security risks.
"According to postmortem analysis, 84 percent of today's attacks originate at the application layer and no longer at the network layer," George said. "It's important for MSSPs to understand that with our platform in their service portfolio, they are not just focusing on the network layer. They are also able to cover the application and database layer, which gives them a unique position compared to their competition."