When Hill & Smith Holdings PLC wanted to get a better understanding of the organisational risk of its internet-facing assets, it had to overcome a big hurdle: not enough time to tackle every threat.
Making a change was the only answer – and augmenting the organisation’s security capabilities with Intruder Vanguard played an integral role in the solution. Here's what Sam Ainscow, Group CISO for Hill & Smith, revealed in a recent chat about its results.
It's no secret that automation offers IT security divisions a major edge. Limited resources demand tools that lighten the workload so that the humans in charge can take a more proactive approach to security and place greater focus on business-critical tasks. At the same time, such tools must be up to the challenge.
"When we needed to go way beyond the usual programmatical scans offered by tools like Nessus from Tenable, Intruder Vanguard really let us enumerate the services behind IPs and find vulnerabilities and weaknesses that were previously hidden," said Sam. "Going in, we simply wanted to get an understanding of the organisational risks associated with the services we made available online. The open-source intelligence we received with Intruder Vanguard dramatically broadened our threat awareness."
Vanguard goes way beyond automated vulnerability scanning by providing users with the support of manual reviews conducted by dedicated security experts. Equipped to identify more sophisticated weaknesses, they can help users remediate issues faster.
For Hill & Smith, this impact was key, enabling it to achieve expanded threat coverage and improve its capacity to fix problems wherever they cropped up without having to onboard new talent. Sam said:
“The Vanguard solution will find things that automated scanning doesn’t. Every time Vanguard's professional security team finds something, it delivers value.”
A lack of visibility was one of Hill & Smith's biggest challenges – as good as some scanning tools may be, they will often only perform searches on the assets they’ve been made aware of. In a situation where it’s almost impossible to keep track of every new change to a system, this can be hugely problematic.
Intruder Vanguard goes further, seeking out additional assets that may be in use to provide a full picture of the vulnerabilities that exist. In addition, the service helps in reducing the incidence of false positives and in identifying potential disasters where different vulnerabilities might combine to result in far more severe outcomes.
Sam went on to explain one of the core benefits of Intruder Vanguard, its ability to help extend your existing security team:
"Maybe 1 percent of businesses already have everything they need in-house. Intruder Vanguard is for the other 99 percent, the ones that need to augment teams with on-demand security talent and empower decision-makers with a real-world understanding of the risks associated with their external attack surfaces at any given moment."
New security threats can emerge every few hours, but responses often take far longer. When the seemingly simple act of vulnerability assessment can be a job in and of itself, it's critical that firms respond rapidly when every hour counts.
Switching to Intruder Vanguard transformed the way Hill & Smith handled infrastructure security weaknesses for the better. With a team of dedicated security experts constantly hunting for dangerous vulnerabilities, Intruder Vanguard fills the gap that exists with point-in-time penetration tests, and provides Hill & Smith with a strong overview and protection of their systems. Problems are uncovered and advisories are raised within hours, ultimately letting them implement fixes within days.
On top of remediating critical threats more quickly, the decision to use Vanguard made it easier for Hill & Smith to be better informed about its security stance as these events developed:
"That daily or multiple-times-a-week email you get from the emerging threat scan is almost worth the price of the service itself," noted Sam.
"When the latest vulnerability comes along, seeing the report's big green tick gives you a huge amount of reassurance as a CISO."
Creating a more unified approach for identification and resolution of issues made life far easier for Hill & Smith’s security team. No longer did they have to settle for results that were already outdated by the time they were delivered or prohibitively expensive. Intruder Vanguard provided a more cost-effective hybrid approach that delivered the best of all worlds: enterprise-grade scanning, proactive bug hunting, and expertise-informed human insights straight to Sam's and his team's inbox.
"I'm much more informed than I was previously," said Sam. "In large, decentralised organisations, it is very difficult to gain a complete view of all externally facing IT assets. Every time Intruder Vanguard's professional security team finds something, it delivers value."
Armed with intelligence that reduces risk, you can make informed decisions, reduce the likelihood of a business-critical event, and lower your cyber insurance premiums. Yet, enterprises that want to leverage it need an informed perspective to do so. It's not enough to simply scan or carry out an annual penetration test. After all, point-in-time assessments provide data which can be out of date from the second you receive it. To fill the gaps that inherently exist between traditional approaches, you have to find what the scanners can't – and unify the information to draw more accurate conclusions.
Hill & Smith's approach to continuously improving their comprehensive vulnerability oversight is just one example of how enterprises are increasingly rethinking their security practices from the ground up. The dark ages of confusing, gap-ridden threat management practices are giving way to a new method of conceptualising, analysing, and fighting problems – one that gives you continuous peace of mind without requiring extensive resource investment.
Want to become – and remain – more secure? Ready to advance your vulnerability management approach without overhauling all your business practices? Connect with us to book your consultation with the team today and discover what comprehensive vulnerability management should be.