News

Critical Insight Launches CVI: Automating Vulnerability Scans

CVI automates network vulnerability scanning, enables scheduling, reduces cost, improves security and compliance

SEATTLE, December 5, 2017 — Critical Insight, a leader in cybersecurity Managed Detection and Response services, announced the launch of their Continuous Vulnerability Identification (CVI) service, an automated scan that detects and reports on application, system, and host vulnerabilities. The service is operated from the company’s Critical Insight security monitoring platform, which keeps the technology footprint and installation as light as possible.

The company’s announcement follows a year of record cyberattacks. Recent figures place the average cost of a hack on a U.S. company at more than $15 million[1], and such hacks are occurring at twice the rate they did in in 2016[2].  Some of the worst hacks, such as those that hit Equifax and Maersk, exploited vulnerabilities that CVI detects: Apache Struts and Windows SMB v1 (MS17-010), respectively.

Cybercriminals are causing tremendous damage through vulnerabilities that have well-documented solutions,” said Critical Insight founder M.K. Hamilton. “We developed CVI to help network owners identify the weaknesses in their networks before hackers are able to take advantage of them.”

CVI allows network administrators to schedule scans as often as needed to identify emerging vulnerabilities, or execute scans on-demand following specific events, such as application updates. The configurable intervals between scans provide insight into vulnerability trends throughout the year, something that quarterly or annual scans may overlook.

Many organizations, such as those in the healthcare and financial services industries, are required to assess their networks for vulnerabilities and other IT risks.  The Gramm-Leach Bliley Act and Health Insurance Portability and Accountability Act are two regulations that include such requirements.  CVI fulfills these vulnerability assessment requirements at 20% of the cost of traditional consultant-led scans.

“CVI turns vulnerability management into a sustainable program, rather than an annual project,” added Garrett Silver, CEO.  “The cost savings is clearly a tangible benefit, but the real value of CVI is its ability to equip network administrators with the information they need to address otherwise undetected vulnerabilities.”

 

About Critical Insight: Critical Insight, Inc., is an Information Security company that provides Managed Detection and Response (MDR) services to a wide variety of industries, with specialized expertise in healthcare, financial services, and the public sector. Their information security and expert consulting services help customers protect networks and secure data in a rapidly evolving cyber threat landscape.

[1] http://money.cnn.com/2015/10/08/technology/cybercrime-cost-business/index.html

[2] https://revisionlegal.com/data-breach/2017-security-breaches/