GigaOm Radar for Continuous Vulnerability Managementv3.01

1. Summary

Vulnerability management is now a cornerstone of cybersecurity frameworks and should be a part of every organization’s cybersecurity plan. This critical process plays a pivotal role in the discovery of hardware and software assets, presenting a clear overview of the security of an organization’s digital infrastructure.

Along with asset identification, vulnerability management is also vital for exposing potential weak spots in these assets. Such weaknesses could serve as potential entry points for cyber attackers, allowing them to circumvent otherwise advanced and robust security measures. Once these vulnerabilities are identified, organizations can proactively address them, thereby enhancing their overall cybersecurity posture and reducing the likelihood of successful cyber attacks.

And yet, for all the risk-reducing value that vulnerability management brings, traditional versions of these solutions have two main drawbacks. The first is their emphasis on physical infrastructure, like network devices, servers, and desktops, and the applications that operate on this infrastructure. Although still a crucial part of any comprehensive vulnerability management plan, this focus results in limited help in identifying vulnerabilities in other prevalent and emerging technologies.

The second shortcoming is that a traditional solution provides a snapshot of an organization’s vulnerabilities at a specific moment only. After running a scan and analyzing the data, plans are then created to address these vulnerabilities. But in a dynamic DevOps environment, this snapshot can quickly become outdated. It’s highly possible that today’s vulnerabilities may not exist tomorrow, or they may appear and disappear intermittently. Due to these and other issues, traditional vulnerability management struggles to support DevOps practices effectively.

The next evolution in this field is continuous vulnerability management. This approach starts with the network-based infrastructure and application scanning from traditional vulnerability management, then augments it with ongoing methods that now include scanning container images, infrastructure-as-code (IaC) manifests, cloud configurations, cloud identities, and other cloud-native technologies. We believe that continuous vulnerability management has overtaken traditional vulnerability management techniques due to the widespread adoption of public cloud resources and DevOps practices.

This GigaOm Radar report highlights key continuous vulnerability management vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Continuous Vulnerability Management Solutions,” we describe in more detail the capabilities and metrics that are used to evaluate vendors in this market.

This is our third year evaluating the vulnerability management space in the context of our Key Criteria and Radar reports. All solutions included in this Radar report meet the following table stakes—capabilities widely adopted and well implemented in the sector:

• Asset discovery and tracking
• Policy compliance reporting
• Issue tracking and management
• Basic risk profiling and prioritization
• Remediation recommendations