RiskSense Releases a Unified Infrastructure Security Risk Management Program
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The platform harmonizes threat analysis, risk scoring, and prioritization of vulnerabilities across your entire network. The main draw of RiskSense’s program is its holistic risk calculation across Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) entries. This approach is in contrast to other risk management suites that often provide separate views of infrastructure and application vulnerabilities.
RiskSense is hoping to enable clients to assess their security risks holistically rather than in a piecemeal manner. This allows clients to decrease their exposure and consider the most cost-effective methods. RiskSense aggregates all of the data from multiple sources such as static and dynamic application security testing (SAST and DAST), open source software (OSS), containers, penetration tests, and bug bounty programs to achieve their holistic vision. This gives RiskSense users the ability to identify and fix vulnerabilities in their attack surface, however the construction of their code, or infrastructure point. With the OWASP top 10 and CWE top 25 most dangerous software errors presented to improve developer knowledge and productivity, RiskSense’s application boasts a well-informed and tactical approach to vulnerability management.
RiskSense’s newest solution is available immediately for public consumption.
Our Take
RiskSense takes the application data to include CVE and CWE considerations. When used in tandem with RiskSense’s Vulnerability Risk Rating (VRR) system, RiskSense delivers a high-fidelity risk prioritization option for enterprises. The RiskSense dashboard also gives developers and DevOps staff a global overview of vulnerabilities with additional drill-down functionality for even greater insight into the organization’s risk ecosystem. With interdisciplinary ticketing support for remediation assignment and step-by-step validation, RiskSense gives InfoSec teams the ability to know what to do next.
Want to Know More?
Prioritization to Prediction: Volume 5: In Search of Assets at Risk