Thursday, December 12, 2024

5 Vulnerability Scanning Case Studies

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

With a global increase in cybercrime, threat actors are targeting companies of all sizes, making vulnerability scanning a cybersecurity necessity.

See below for five case studies on how organizations across different industries are employing vulnerability scanning solutions to help solve their network security challenges:

5 vulnerability scanning case studies

  1. SyCom
  2. Visma
  3. California Polytechnic State University
  4. Bitbrains
  5. Hill & Smith

1. SyCom

With annual revenue of over $70 million, SyCom is one of the leading systems integrators in the East Coast of the U.S. It designs and supports IT solutions that help optimize business growth.

SyCom has been using Invicti’s Netsparker web application security scanner for about seven years. Until the deployment of Netsparker, the company administered manual scans annually to check for vulnerabilities. This meant the application was left open for potential cyberattacks for long periods in between the scans.

SyCom also uses the Netsparker web application security platform for continuous monitoring of its customers’ websites to check for vulnerabilities. A tool integral to this is Netsparker’s web application security scanning engine.

Netsparker automatically makes use of the detected vulnerabilities and feeds them into the SyCom framework. Security professionals can then reach out to customers and suggest remedies.

Industry: IT and telecommunications

Vulnerability scanning provider: Netsparker Enterprise by Invicti

Outcomes:

  • Continuous web security scanning of client websites
  • Automated reporting of identified vulnerabilities to the SyCom system
  • Drastically reduced workload for security professionals

See more: 5 Top Vulnerability Scanning Trends

2. Visma

With over one million customers across Europe and Latin America, Visma is a leading provider of accounting, procurement, and payroll solutions. Visma employs over 5,500 professionals and includes 200 companies spanning over 20 countries across the world.

As the firm transformed into a software-as-a-service (SaaS) provider, newer challenges related to security emerged. Visma not only needs to ensure the security of its own systems, but it has the responsibility of safeguarding customer data as well. With a larger attack surface, Visma wanted to gain increased protection against potential cyberattacks by effectively detecting and remediating vulnerabilities.

To strengthen its defenses against potential threats, Visma adopted the Qualys Cloud Platform for in-depth security scans. Qualys Vulnerability Management allowed the firm to automatically scan its development infrastructures and place the scan results in the same backlog with vulnerability reports on the company’s code. It also provided the firm with a 360-degree view of vulnerabilities on its network that trickled down to individual devices.

“We now have a comprehensive map of all 4,000 servers and 6,000 clients across our global IT infrastructure and an accurate view of all the vulnerabilities and their severity,” says Hans Petter Holen, CISO, Visma.

“We can perform scans in the background, even when a device is offline, and deliver the results as soon as it is reconnected to the network. When we detect a vulnerability, we deliver the findings to whoever is responsible for the machine — either via email to the local IT department or via Jira to the developer who owns the device.”

Industry: IT services

Vulnerability scanning provider: Qualys

Outcomes:

  • Vulnerability detection across more than 10,000 connected devices
  • Functions on minimal external management
  • Quarterly patching cycles accelerated up to 80%

3. California Polytechnic State University

California Polytechnic (Cal Poly) State University in San Luis Obisbo, California serves over 21,000 students.

Cal Poly was looking for a vulnerability scanning solution to address vulnerabilities existing across its web portfolio. The tools used previously were quite expensive and didn’t meet the university’s security requirements. Cal Poly needed a scanning solution that could not only run frequent penetration tests, but also provide faster feedback to its security team.
PortSwigger’s Burp Suite Enterprise Edition helped the application security team automate security scanning. Moreover, the vulnerability solution gave Cal Poly full visibility of its entire web portfolio at a single glance with its dashboard and scan summary reports. It lends greater flexibility in security testing, because of Burp Suite’s customizable scan configurations.

“A vulnerability scanner, like Burp Suite, frees our AppSec team to spend their time where it’s most valuable,” says a Cal Poly rep.

Industry: Higher education

Vulnerability scanning provider: Burp Suite Enterprise Edition by PortSwigger

Outcomes:

  • Reduced workload, resource optimization, and a faster feedback loop
  • Reduced risk and increased security coverage across its web portfolio
  • Security integration into the software development life cycle

See more: Why Vulnerability Scanning is Important

4. Bitbrains

Bitbrains builds native and hybrid phone apps for Android and iOS platforms. The firm is now on its third-generation cloud and has a complex IT environment: with about 3,000 virtual machines (VMs), 300 blades, and numerous network devices, with three network operations centers to manage the customer cloud.

Bitbrains’ cloud environment posed a cybersecurity challenge for the team, which needed a way to manage its baseline vulnerability checks for regulatory compliance while also keeping up with the threat environment. One of Bitbrains’ customers also requested daily vulnerability scans. Since the process wasn’t automated, the whole exercise was labor-intensive and took more than a week to complete.

After hearing about Tenable SecurityCenter’s Continuous View, the company decided to try it out. For the next three months, Bitbrains worked with a Tenable sales engineer and an outside consultant on the deployment of SecurityCenter CV. With SecurityCenter CV, Bitbrains could perform continuous monitoring, providing a comprehensive view of network health across different assets.

Moreover, Bitbrains’ professionals could now easily verify the status of antivirus across systems, update progress, and firewalls installed as well as check for functionally redundant network components.

“Security-wise, we have much better insight into what our current state is, what threats exist, and what solutions are available,” says Giray Devlet, chief security officer, Bitbrains.

“It also provides us insight with service customers, where we can see they did something wrong and are vulnerable to attacks, and when certain patches are not installed or missing.”

Industry: Mobile app development

Vulnerability scanning provider: Tenable SecurityCenter Continuous View

Outcomes:

  • Automated scanning of external-facing sites in 24 hours
  • Easy identification of weak spots in the cloud environment
  • Insight into mistakes made by service customers that could lead to potential vulnerabilities

5. Hill & Smith

With a net revenue of $858.21 million, Hill & Smith is known for creating sustainable and resilient infrastructure throughout the U.K., U.S., India, Sweden, and Australia. The company has a diverse portfolio, ranging from roads and transportation to utilities, engineered composite solutions, and galvanizing services.

Hill & Smith previously deployed limited resources in protecting its internet-facing assets. The issue gave rise to a foundational hurdle in creating attack-resilient structure: The company did not have enough time to attend to every threat.

Moreover, Hill & Smith was also struggling with the lack of visibility. The security tools used by the team could only perform searches on classified assets only. Hill & Smith faced challenges in tracking all of the potential risks stemming from new system updates. The process made the organization’s operations vulnerable to attacks.

Shifting to Intruder Vanguard provided the company with much more than automated vulnerability scanning. Vanguard sent users manual reviews done by security experts, flagged detected vulnerabilities, and offered remedies to create durable infrastructure. Hill & Smith then tackled its visibility issues by seeking out extra assets that might be in use and creating a 360-degree profile of all vulnerabilities in place.

“When we needed to go way beyond the usual programmatical scans, a specialized vulnerability scanner really let us enumerate the services behind IPs and find vulnerabilities and weaknesses that were previously hidden,” says Sam Ainscow, group CISO, Hill & Smith.

“Going in, we simply wanted to get an understanding of the organizational risks associated with the services we made available online. The open-source intelligence we received with Intruder Vanguard dramatically broadened our threat awareness.”

Industry: Infrastructure and construction

Vulnerability scanning provider: Intruder Vanguard

Outcomes:

  • Proactive bug hunting and reduced response time
  • Expert-informed human sights and limited occurrence of false positives
  • Early stage identification of vulnerabilities that could potentially turn lethal
  • Automated detection combined by manual reviews to dig deeper into system weaknesses

See more: Simple Guide to Vulnerability Scanning Best Practices

Bottom Line

These case studies show examples of how vulnerability scanning software is being used in various industries: IT; telecommunications; higher education; mobile app development; infrastructure; and construction.

Clients selected a range of providers in the vulnerability scanning market for implementations: Invicti; Qualys; PortSwigger; Tenable; and Intruder.

Together, the organizations’ vulnerability scanning solutions improved numerous aspects of their networks:

  • Automated reporting of identified vulnerabilities
  • Drastically reduced workload for security professionals
  • Vulnerability detection across thousands of connected devices
  • Reduced workload, resource optimization, and faster feedback loop
  • Reduced risk and increased security coverage across web portfolio
  • Identification of weak spots in cloud environment

See more: 10 Top Vulnerability Scanning Tools

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles