2023 SC Awards Finalists: Best Vulnerability Management Solution

Coalfire has launched a new Ransomware Simulation-as-a-Service (RSaaS) to help organizations assess their cybersecurity vulnerabilities and test their readiness before real attackers exploit them. The simulator is customizable and tailored to meet specific market applications, such as healthcare, finance, or government, where risks and regulatory compliance requirements are exceptionally high. The simulator tests security policies, incident response procedures, disaster recovery plans, and technical security controls, and identifies vulnerabilities in an organization’s network and systems through two impact options: “Low Impact” and “High Impact.” The comprehensive service improves security posture, reduces the risk of an actual attack, and accelerates recovery time. Coalfire’s RSaaS service is one of the first of its kind in the market, and it is packaged with the firm’s broader red team services, making it stand apart from its competitors.

Lacework is a cloud security platform that continuously scans for code vulnerabilities in cloud environments at every stage of the application life cycle. Its strength lies in its ability to prioritize vulnerabilities based on observed risk and discover active zero-day exploits in environments. Lacework’s approach uses active vulnerability detection to identify software in use and enrich vulnerability risks with runtime context, making it easier for teams to prioritize the most critical vulnerabilities. The platform combines several cloud security capabilities into a single unified platform, and customers average 2-5 less cloud security tools, with an average annual tool consolidation savings of between $200K and $500K. Lacework offers three tiered packages to meet customers where they are within their cloud maturity journeys.

Prisma Cloud, a cloud-native application protection platform, offers broad security and vulnerability coverage across cloud infrastructure, workloads, data, networks, web applications, and APIs. The platform delivers comprehensive agentless vulnerability management addressing critical market needs across Linux and Windows hosts, containers, serverless functions, open-source software, and code repositories. Prisma Cloud can identify vulnerabilities throughout the application development lifecycle and provides alerts or prevents vulnerable deployments before production. Its unified data engine combines separate risk findings across the development lifecycle to help security teams prioritize critical vulnerabilities. Prisma Cloud’s key differentiators include identifying vulnerabilities throughout the application development lifecycle and being the only platform used by more than 2 million cloud engineers to scan for vulnerabilities.

InsightVM is a vulnerability management tool that provides visibility into an organization’s security program, enabling security teams to reduce the attack surface and security risk. The tool helps manage and mature vulnerability management programs by identifying vulnerabilities, prioritizing remediation efforts, and tracking progress against key metrics. The solution supports the entire Vulnerability Management lifecycle and allows security teams to manage their program better. InsightVM integrates with Project Sonar to monitor external-facing assets and threat exposure, and offers a robust tagging system to prioritize critical assets for remediation. With live dashboards, Remediation Projects, and Goals and SLAs, security teams can collaborate with stakeholders effectively. InsightVM is priced on a per-asset basis, with all features included in the asset price, reducing operational costs and improving TCO.

Tenable, a cybersecurity company, has launched Tenable One, an exposure management platform that provides a unified view of an organization’s assets and vulnerabilities to reduce cyber risk. Tenable One combines the broadest breadth and depth of vulnerability coverage spanning IT assets, cloud resources, containers, web apps, and identity systems. It uses data science capabilities, including advanced machine learning algorithms, to provide innovative features like Predictive Prioritization, Asset Criticality Rating, and Predictive Scoring. Tenable One helps security practitioners focus on remediating vulnerabilities, improves security managers’ and incident response teams’ efficiency, and provides security executives with accurate risk assessments and actionable metrics. Tenable One eliminates the need for companies to purchase, install and manage hardware and OS, install and update applications, establish and manage high availability, monitor performance and availability, and plan for and deploy additional hardware over time. Tenable One is a SaaS application managed by a single licensing model, making it more cost-effective than the sum of its parts.