An Intro to Resolver’s InfoSec
Application (RiskVision)

Hello!
I am Steve Finegan
Product Manager at Resolver
@Steve_Finegan
steve.finegan@resolver.com
Your
Photo
Here!

And,
I am Kevin Barcellos
Manager, Solution Engineering
kevin.barcellos@resolver.com

RESOLVER APPLICATIONS

IT Integrated Risk Management
Risk
&
Regulation
Audit Improve
Policy
&
Control
Response
Incident
Report
Investigate Analyze ImproveMonitor
INTEGRATED RISK MANAGEMENT
PLANNING PREPERATION RESPONSE RECOVERYEVENT
RiskVision RiskVision RiskVision

INFOSEC APPLICATION

VISIBILITY INTO CRITICAL
ASSETS
Need to capture IT assets,
including servers,
applications, and data and
set criticality. Key
challenges include volume
and velocity of data and
orchestrating SME input.
MULTI-GEOGRAPHICAL AND
REGULATORY COMPLIANCE
Different legal jurisdictions
have different regulatory
mandates they need to
comply with, and even
within a jurisdiction there
are multiple applicable
requirements. Also, new
extensive regulations like
GDPR are taking effect.
NEED TO IMPROVE
OPERATIONAL EFFICIENCIES
As a result of increasing
volume and velocity of
data, security and
compliance groups need to
improve efficiency.
Redesigning processes is a
challenge when the team is
at capacity dealing with
current workload.
Pains

ASSET IDENTIFICATION AND
CLASSIFICATION AT SCALE
Ability to import large
volumes of assets from
existing tools and to
automatically send
classification surveys to
SMEs results in more risk-
relevant data.
COMPLIANCE BY GEOGRAPHY
AND REGULATION
Assignment of servers,
applications, and data to
organizational units for
BU/geographic reporting.
Ability to reuse control
results for multiple
regulations to streamline
multi-regulatory compliance
requirements.
REALIZATION OF OPERATING
EFFICIENCIES
Efficiencies gained by
automation and
orchestration, combined
with workflow process
data, allows organizations
to analyze and streamline
processes.
Gains

RISK AND COMPLIANCE
PROFESSIONALS
INFORMATION SECURITY
PROFESSIONALS
CORPORATE SECURITY
PROFESSIONALS
How RiskVision helps
• Gain visibility to IT risk and
compliance for important standards
and regulations such as ISO, PCI,
NIST, and HIPAA.
• Orchestrate the remediation of
findings and mitigations.
• Track top risks.
• Model information systems and
components, together with data.
• Provides visibility into most critical
assets.
• Ensure that mitigations affecting the
most important information assets are
prioritized accordingly.
• Understand the importance of data
stored within physical
environments.
• Measure the effects of physical
controls on information security.
• Track the remediation of physical
controls issues.

Threat &
Vulnerability
Management
IT Risk &
Compliance
Third Party Risk
Management
Primary Use Cases

Threat and Vulnerability Management

Vulnerability Management Challenges
Over the past 10 years, only 12% of known vulnerabilities have been exploited12%
97,618vulnerabilities in the National Vulnerability Database (NVD)
38,953exploits
in the Exploit
Database
>100 billionlines of code generated annually
Hackers produce about
120 million variants of
malware every year
Through 2020,
99%
of vulnerabilities
exploited will be
those known for at
least one year
Medium severity
vulnerabilities are most
often exploited in the wild
The time it has taken
from patch release to
exploit in the wild
has dropped from
45to 15
days in the last
decade

Key
Vulnerabilities
to Prioritize
Vulnerabilities
Affecting Crown-Jewel
Assets
Vulnerabilities
in your
Environment
Known Vulnerabilities
Exploited
Vulnerabilities

TVM Features
Asset
Classification
Vulnerability
Risk
Scoring
Remediation
Ticket
Orchestration
Remediation
Validation
1 6 7
Risk Score
Aggregation &
Prioritization
4 5
Data
Collection
2
Data
Correlation
3
Dashboards
/ Reporting
8

Vulnerability Risk Scoring
IMPACT LIKELIHOOD
Business
Criticality
Type of Data
Scope
Other
Attack Vector
Attack
Complexity
Privileges
Required
User Interaction
Matching Exploit
Age
Network
Location
Other

Risk Score Aggregation
E N T E R P R I S E
BU 1
DBMS
Server
Server
Server
NVD
CVE-2017-5632
APP
APP
PATCH
V U L N
RISK SCORE V U L N
V U L N
V U L N
BU 2 BU 3
CVE-2017-5638
CVE-2017-4187
CVE-….
CVE-....

Compliance Management

Key Compliance Challenges
• Volume of data
o Assets
o Controls
• Complexity
o Organization
o Regulations
• Minimize user resistance
• Higher stakes
• Need to do more with less or same resources

Compliance Manager Features
Asset
Classification
Common
Control
Framework
Compliance
Measurement
& Reporting
Control
Frameworks
1
3
6 7
Workflow
Management
4 5
Control
Target
Profiles
2
Automated
Questionnaire
Creation
3

Scaling Assessments

Vendor Risk Management

Key Vendor Risk Management Challenges
• Provide an accurate view of a vendor’s riskiness
• Minimize administrative burden on vendors
• Ensure vendors are following through on remediation actions
• Enforce a consistent process for rating vendors
• Allow process to be managed with a minimal number of resources

Onboarding,
Due
Diligence &
Screening
Vendor Risk
Assessment
Contract
Onboarding
Risk
Oversight &
Control
Ongoing
Monitoring
1 2 3 4 5
Renewal/
Termination
Protocols
6
Vendor Risk Manager Features

Key Differentiators

INTEGRATION SCALABILITY AUTOMATION
Key Differentiators

ROADMAP

RE-INTEGRATE
RELEASE STREAMS
Combine 8.5 and
SOAR 2017.1
releases: Threat
object,
Threat/vulnerability
correlation, Trending
enhancements
TVM SCALABILITY
Archive vulnerability
instances and
tickets, TVM schema
optimization, KRI
enhancements,
Tickets UI
enhancements,
Compliance
dashboard
THREAT
MODELING/TVM
Threat modeling,
Connector scheduling
enhancements, Patch
object enhancements,
Tickets UI
enhancements,
Reporting enhancements
ARCHIVING
ENHANCEMENTS
Assessments,
Evidence,
Documents,
Additional
dashboards and
reports
AUTOMATION
Tickets bulk
operations,
Vulnerabilities bulk
operations, CPE
search, Hybrid
controls
Q3 Q4 Q119 ROY19Q2
All information is confidential and subject to change.
Roadmap

KEY USE CASES & DEMO

Thanks!
Any questions?
@Steve_Finegan
steve.finegan@resolver.com