Today, cybersecurity is becoming more and more a normal part of development and routine business. Pentesting is one part of that and for many organizations, it means integrating routine pentesting into development and update cycles, planning regular pentests to check for known vulnerabilities, and using pentesting for compliance. That also increasingly means that clients are aware of their cybersecurity environment and may find issues.
With Cyver Core, vulnerabilities are uploaded into a pentest portal. You can then automatically add instances, findings across assets, and track those vulnerabilities over time as they are remediated, re-occur, or are escalated. That gives clients insight into their vulnerabilities and a way to track vulnerabilities and remediation in their environment.
But, what happens when the client raises an issue? If your cybersecurity firm is working with a client long-term, you want to be able to track, investigate, and validate issues raised.
With Incident and Risk Management in Cyver Core, clients can do exactly that. The client can raise a vulnerability or an incident for review, to request a pentest or investigation into that issue. In this way, clients can better validate against specific vulnerabilities, assess risks for new trending vulnerabilities, and respond to security incidents in a meaningful fashion.
- Vulnerabilities – Dev teams can highlight found vulnerabilities and request validation and impact checks across assets and IPs.
- Trends – Clients can request pentest or assessment against trending risks or vulnerabilities, which they can use to assess risk, set cybersecurity budgets, and prioritize patches and remediation to mitigate those vulnerabilities
- Incidents – Clients can raise incidents and request investigation and remediation assistance following a potential or real cybersecurity incident
Risks and Incidents allow clients to raise items for investigation, which you can respond to with pentesting, scans, and remediation advice.
This can also map to crown jewel scenarios, where clients share their “worst nightmare” scenarios, and their cybersecurity firm works to assess whether it’s possible. It can also map to simple scans to assess whether found vulnerabilities have been successfully patched.
In addition, with our integrated quotes add-on module, you can directly translate raised issues into a quote for a pentest or assessment to directly get sign-off from the client and get started on the pentest.
To see more, contact your customer success manager for a demo or book a platform demo if you’re new to Cyver Core.