Wiz is excited to announce its new integration with ServiceNow Vulnerability Response (VR), creating a combined vulnerability management workflow that eliminates blind spots and prioritizes risks.
Vulnerability management is one of the main security concerns for enterprises worldwide, and security teams put a lot of time and effort into detecting and mitigating vulnerabilities in their organizations’ environments. In 2021 alone, 18,376 vulnerabilities were recorded in the US-CERT vulnerability database, which translates into 50 new vulnerabilities that require the security team’s attention each day.
For an efficient vulnerability remediation process, organizations need to overcome three main challenges:
Full visibility: You cannot protect what you do not see. To eliminate security holes, you must gain full visibility into all the resources in your cloud environment. This is even more challenging in cloud environments that rely solely on agent-based solutions, as security agents fail to provide full coverage.
Prioritized remediation: Fixing everything everywhere immediately is unfeasible. Security teams must be able to identify the most toxic combinations of risk factors in their cloud environment in order to prioritize and patch the most vulnerable resources first.
Seamless integration: The mitigation process should be integrated seamlessly into the organization’s existing security flow and be as automated as possible.
Wiz uses agentless scanning to gain full visibility into any cloud environment, with zero impact on your business operations. It delivers unified coverage across cloud service providers and compute architectures, from virtual machines and containers to serverless functions. The agentless scan surfaces vulnerabilities in your infrastructure, including CVE severity and exploitability score. Moreover, since Wiz scans for a wide range of cloud infrastructure risks such as secret or network exposure, it identifies toxic combinations and resource interconnections that together pose the highest security risks. This allows you to focus on the risks that matter the most.
For example, a vulnerable host that is exposed to the internet can be more easily exploited, and is therefore riskier than a host that does not have internet access. If this vulnerable resource can also assume a role with high permissions or has exposed secrets, that could lead to lateral movement, and should therefore be prioritized in the patching process.
With an understanding of the highest priority vulnerabilities in your environment, the next step is remediation. Integrating Wiz with ServiceNow Vulnerability Response (VR) significantly improves your end-to-end vulnerability management workflow from detection to remediation. ServiceNow VR ingests the vulnerability data detected by Wiz, together with the remediation recommendations and information about the virtual machines where the vulnerabilities were detected. The findings and asset data from Wiz are synced into ServiceNow and matched against existing Vulnerability Items (VI) and Configuration Management Database (CMDB) data. By using the Now Platform® workflow and automation capabilities, security and IT teams can respond faster and more efficiently, giving them a streamlined process for vulnerability management from beginning to end.
Visit the ServiceNow store to get the Wiz Integration for Security Operations app.