The launch of Vulnerability Remediation-as-a-Service (vRaaS) by cybersecurity solutions provider 2TS combines the use of an international industry-leading vulnerability management solution, together with unified endpoint management technologies, to detect and remediate vulnerabilities within your IT environment. At the same time, this offering is available across the board, for both large-scale enterprises (LE) right through to small and medium enterprises (SMEs).
2TS CEO Charl van Niekerk explains: “Two leading international technology vendors, which are involved in vulnerability management and unified endpoint management respectively, recognised that new vulnerabilities are discovered every month, but that the vast majority of all organisations, both LE and SME alike, are not able to improve their vulnerability status. At best, their security teams are able to keep the organisation’s vulnerability status at a stable high.
“By working together, and allowing each vendor to focus on their respective core offering and strengths, they were able to significantly improve the time to remediation – from months and weeks, down to weeks and days – through the use of automation.”
Lift-off… A highly scalable solution is launched
Van Niekerk clarifies that the solutions offered by each vendor were previously largely available only to large enterprises. He continues: “Our company has recognised the need to offer the same level and quality of vulnerability management and remediation to all enterprises regardless of size, from LE right through to SME.
“2TS overcame implementation challenges through our localisation strategy and the introduction of our vRaaS solution, whereby we offer the solution-as-a-Service. The offering comes inclusive of all services in the form of Managed Services, whereby the customer – who lacks the skills and/or the interest to perform the services in-house – outsources this requirement, while only paying for what they use.”
2TS is based in Centurion and Cape Town with customers and partners across South Africa and the rest of Africa. It is a focused solutions provider that helps business owners improve cybersecurity, while improving operational efficiencies and reducing operational costs. Exclusive Networks Africa is the local arm of its global trusted cybersecurity specialist parent company that is based in France and listed on the Euronext Paris Stock Exchange.
How does vRaaS work?
Van Niekerk notes: “It is well known that most vulnerabilities are related to patching; and the ongoing and routine tasks and activities of operational teams are performed by endpoint management solutions.
“Vulnerability Remediation-as-a-Service (vRaaS) makes use of an international, industry-leading vulnerability management solution, together with unified endpoint management technologies, to detect and remediate vulnerabilities within your IT environment. It combines the vulnerability scanning and remediation capabilities of the respective technologies within a single solution.”
Van Niekerk clarifies the process as follows:
· Firstly, the vulnerability manager scans the entire environment to detect any known vulnerability in the CVE database. With the out-of-box integration between industry leading vulnerability management and unified endpoint management technologies, vulnerability data will be transferred to BigFix through automation.
· The UEM’s Insight Vulnerability Remediation (IVR) module compares vulnerability data to applicable patches and fixlets to remediate, as part of the routine and known required patches, and in so doing, this remediates the associated vulnerabilities.
· The UEM portion of the vRaaS solution presents all data, including the information from the vulnerability management manager, in a single dashboard – wherein lies the uniqueness of the vRaaS.
· Remediation can be done directly from this dashboard – a truly integrated solution, making use of industry-leading technologies to automate the process end-to-end. Reporting is performed, scheduled and automated, directly from the dashboard for C-Level through to technical personnel.
He adds: “By comparing operational patching plans with vulnerabilities requiring the same patches to remediate the vulnerability, this considerably reduces the effort and time to remediate, thereby allowing security teams to focus on the anomalies that actually require their specialist attention – the identified vulnerabilities that are not already part of the patch maintenance plan/cycle of the operations team. In so doing, this improves the rate of remediation exponentially for better operational resilience and without any risk.”
Global technology, local cybersecurity expertise, services first
Van Niekerk continues: “I have always had a passion for start-ups and SMEs and the critical role that they play within the economy. While we include a number of large organisations within our client suite, 2TS has identified a need to assist smaller businesses in South Africa as well, which are at just as much risk of cyberattacks and security breaches as bigger companies. At the same time, SMEs do not necessarily have access to the same cybersecurity and budget resources available to larger corporations, which can make them even more vulnerable.
“In the quest to support all our clients, quality is critical to 2TS, and we therefore prefer to think globally when it comes to the technology offering, while offering the client local experience, expertise and service. Through our relationship with Exclusive Networks Africa, we have partnered with a specialist vulnerability management provider that is highly rated by Gartner and uses artificial intelligence (AI) in its offering. Cybersecurity requires speed – IT security managers need to ‘find the hole and plug it fast’ – and our partner’s solutions provide the expertise that 2TS requires. At the same time, we are aware that Exclusive Networks Africa’s parent company also subscribes to our philosophy ‘Think Global: Act Local’ and in this regard we have found another excellent partner fit.”
Stefan van de Giessen, Country Manager: SA and SADC at Exclusive Networks Africa, adds: “Exclusive Networks Africa has a services-first ideology at its core, harnessing innovation and disruption to deliver partner value and with the mindset that we are able to offer ‘Everything as a Service’. We thus endorse the 2TS offering of Vulnerability Remediation-as-a-Service and applaud this thinking for the SME sector – it makes excellent logical and business sense.”
Vulnerability remediation facilitated by continuous visibility
Van Niekerk continues: “Vulnerability Remediation in cybersecurity involves identifying and addressing cyberthreats that can have a negative impact on your network security. If you have continuous visibility into your network infrastructures, you can quickly identify dangers and thereby address them in time, before they threaten your business.
“Our offering eliminates blind spots, prioritises threats, and reduces exposure and loss. This vital area of cybersecurity – Vulnerability Remediation-as-a-Service – is handed over to experts providing globally endorsed technology with the understanding provided by local expertise.”
Enabling the core business
Van Niekerk adds that the small business market especially does not want complexity with regards to its cyber defences. “There are companies that offer a ‘tool in a box’ solution,” he explains, “but this generally comes with hidden costs. Who is going to implement the solution, for example? Unplanned consultation fees are costly.
“At the same time, if people attempt to cut corners, we have an issue whereby compliance is compromised: security and remediation must be kept separate, in the same way that one cannot write one’s own test and also mark it. For this reason, we believe that the SME market requires a simple outsourcing solution offered by security experts, which allows them to get on with their core business knowing that their security needs are taken care of.”
“Vulnerability management is not something that can be lightly dismissed,” comments Van de Giessen. “However, it forms an important foundation when building your organisation’s security posture, including reducing risk. Companies like 2TS are playing a critical role in supporting businesses of all sizes, while the Vulnerability Remediation-as-a-Service dovetails completely with the Exclusive Networks Africa philosophy. We are very pleased to be playing our part in partnering with them.”
“2TS is extremely excited to be launching our Vulnerability Remediation-as-a-Service offering and looking forward to playing our continued role in supporting businesses of all sizes with their cybersecurity requirements, allowing them to focus on the business of doing business, and in turn helping to grow the local economy,” concludes Van Niekerk.