A single platform for agile vulnerability management

How to sign up and run a first scan

There are only two ways of finding a vulnerability. Either you do, or somebody else does. Cybersecurity is all about being one step ahead.

Faraday allows you to optimize the vulnerability management process, making it more accessible, agile, scalable and efficient. The platform’s design eases the classification, prioritization, and handling of vulnerabilities, while allowing users to boost their efficiency by automating key steps of the process. Let’s see how this works. The vulnerability management process consists of six steps. Faraday’s technology optimizes and smooths the process as a whole, allowing you to manage it from a single platform.

Discover

In the discovery stage, scans are run to get an overview of the organization’s attack surface. Automatic scanning saves experts’ time and brings vulnerabilities into the management lifecycle, where they can be analyzed and treated. The scanners to use may vary with the needs of the organization or the product being developed. Faraday’s technology allows businesses to choose scanners according to their needs and integrate them smoothly into their lifecycle. With Faraday, scanners may be deployed and added into the lifecycle with just a few clicks. If scans have already been performed elsewhere, their vulnerabilities may be easily imported so that users can manage them in Faraday. Faraday’s First Scan may be a first approach to scanning, which allows users to get a feel for what scanning is about for free and with just a few clicks.

Prioritize & Assess

Once vulnerabilities are in Faraday, the next step is to prioritize and assess them in order to triage and determine a mitigation strategy. Here is where full visibility of your attack surface will come in handy. As explained in Faraday’s Dashboard overview, vulnerabilities may be visualized according to users’ needs, in the following sections:
  • Vulnerability-centered dashboard, where vulnerabilities may be displayed, analyzed, edited and prioritized.
  • Asset-centered dashboard, so users may prioritize and classify vulnerabilities according to the network assets they belong to.
  • General analytics on the attack surface which may be used to make smarter strategic decisions.
In this step, vulnerabilities are classified in terms of severity and ease of resolution. Vulnerabilities sent by scanners may be confirmed or not, evidence of their existence may be uploaded, and their description and information may be easily updated. Faraday allows users to carry out this process in a sharp, intuitive, user-friendly dashboard. Vulnerabilities may be tagged for easier identification. Filters may be created, saved and reused in order to ease navigation and classification of high volumes of vulnerabilities. Faraday allows users to handle duplicate vulnerabilities and to automate prioritization and assessment tasks, in order to save experts’ time and optimize your teams’ security resources. For users with access to multiple workspaces, Faraday’s workspace comparison feature might be useful for strategic decisions, resource management, and as a source of feedback to compare different approaches.

Report

Security is a team activity. Prioritization of vulnerabilities is better done in dialogue with areas apart from security, in order to consider the business needs. Assessment of vulnerabilities might need to be double-checked. Weekly reports may need to be presented regularly, either to management or to clients.

Faraday allows users to save experts’ time in creating reports by generating them automatically, in editable formats. The creation of reports and handling of vulnerabilities may be integrated with other tools within Faraday, such as filters or pipelines.

Different companies may have different objectives and reasons for reporting, as well as different protocols to comply with. Faraday approaches reporting with the same versatility that it approaches scanning: the vulnerability normalization technology allows Faraday to offer users the possibility of creating custom reports which answer to their particular needs.

Another approach to communication is the platform itself. A workspace might be accessed by several users, so Faraday’s dashboard and analytics may be accessed by different experts who need to use Faraday’s full versatility.

Remediate

After a strategy has been determined and agreed upon, Faraday helps security experts manage and follow the mitigation process.

Faraday’s planner allows users to assign issues and tasks within Faraday, and the assigned users are notified. Vulnerabilities may also be assigned directly in the dashboard, by tagging users in the same workspace. This will send them a notification too. The platform is designed to manage the remediation process within Faraday, allowing users to send tickets to developers or IT teams in charge of mitigation, with Jira, ServiceNow and GitLab integration. Once vulnerabilities are remediated, their statuses should be changed in the dashboard, for later verification. Vulnerabilities might have four different statuses in the vulnerability management lifecycle:
  • Open: A vulnerability has been identified and hasn’t been solved yet.
  • Closed: The vulnerability has been reported as mitigated.
  • Risk-accepted: The vulnerability has not been mitigated, but the costs of mitigation have been judged to outweigh the vulnerability itself.
  • Reopened: A vulnerability which had been identified as closed has been found to still be an issue.

Verify

Once vulnerabilities have been mitigated and marked as closed, their solution must be verified. This means running the scanning process once again and checking if vulnerabilities persist (by rechecking their status on the dashboard). Faraday will recognize if closed vulnerabilities are still present, and automatically change their status to reopened. In other cases, a vulnerability’s status will remain as assigned. The verification step closes the vulnerability management lifecycle, and introduces the beginning of a new iteration.
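The status transitions of the verification step, as an added example that is not Faraday's own code or API: it applies a rescan to a tracked set of vulnerabilities using the four statuses listed above. The `Vuln` record, the `fingerprint` matching key (host, port, normalized name) and the rule that an untracked finding enters as open are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Vuln:
    host: str
    port: int
    name: str
    status: str = "open"  # open | closed | risk-accepted | reopened

def fingerprint(host, port, name):
    # Assumed identity key; normalizes case and whitespace so the same
    # finding matches across scans.
    return (host.strip().lower(), int(port), " ".join(name.lower().split()))

def verify(tracked, rescan):
    """Apply a rescan to tracked vulns; return (key, old, new) status changes."""
    index = {fingerprint(v.host, v.port, v.name): v for v in tracked}
    seen, changes = set(), []
    for f in rescan:
        key = fingerprint(f["host"], f["port"], f["name"])
        if key in seen:  # duplicate finding inside the same rescan
            continue
        seen.add(key)
        vuln = index.get(key)
        if vuln is None:  # not tracked yet: enters the lifecycle as open
            vuln = Vuln(f["host"], f["port"], f["name"])
            tracked.append(vuln)
            index[key] = vuln
            changes.append((key, None, "open"))
        elif vuln.status == "closed":  # reported fixed but still detected
            vuln.status = "reopened"
            changes.append((key, "closed", "reopened"))
        # open, reopened and risk-accepted keep their assigned status
    return changes

def demo():
    # Constructed sample data, not output from any real scanner.
    tracked = [
        Vuln("10.0.0.5", 443, "Weak TLS cipher suites", "closed"),
        Vuln("10.0.0.5", 22, "SSH password authentication enabled", "closed"),
        Vuln("10.0.0.9", 80, "Directory listing enabled", "risk-accepted"),
    ]
    rescan = [
        {"host": "10.0.0.5", "port": 443, "name": "weak  TLS cipher suites"},
        {"host": "10.0.0.5", "port": "443", "name": "Weak TLS Cipher Suites"},
        {"host": "10.0.0.9", "port": 80, "name": "Directory listing enabled"},
        {"host": "10.0.0.7", "port": 8080, "name": "Default credentials"},
    ]
    return tracked, verify(tracked, rescan)

if __name__ == "__main__":
    for change in demo()[1]:
        print(change)
```

A closed vulnerability that the rescan no longer reports stays closed, and a risk-accepted one that is still detected keeps its status, so only the closed-but-present finding is reopened.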

An integral approach to vulnerability management

Faraday follows an integral approach to vulnerability management. This means that instead of just optimizing each of the tasks individually, the process is improved as a whole, reducing friction between steps and smoothing the workflow. Faraday’s technology follows three key steps to help the process run smoothly:
  1. Data normalization: More than 80 plugins convert the output data of several scanning platforms into a single format. This allows users to import vulnerabilities, run scanners and create reports as they please to fit their needs, without worrying about conversion issues.
  2. Intuitive interface: Once vulnerabilities are normalized, they may be handled through Faraday’s intuitive interface, which eases the process of vulnerability management and is accessible to new talents in the growing security industry. The whole process of vulnerability management may be performed intuitively and on a single platform.
  3. Automation: Faraday allows users to automate tasks intuitively, with just a few clicks. Normalization eases the processing of vulnerabilities, and Faraday’s expertise in security and design does the rest. Once the whole process is handled in the same platform, growth opportunities through automation are endless.

Faraday brings comfort to every vulnerability management task, by perfecting the process as a whole. Recognizing teams’ diversity in approaches, Faraday’s technology never lost focus on versatility. After looking through Faraday’s recommended introduction, interested readers might like to learn more about Faraday’s CLI and API, which may be useful for scripting, interfacing and automation. If your company is interested in performing vulnerability management but believes it could use help from an expert, you may contact us and we’ll get in touch.