Cygilant Launches New Vulnerability, Patch Management Cloud Service

Cygilant VPM provides IT teams with a single-service offering that combines continuous co-managed vulnerability management with auditable patch management.

Cygilant.logo

Cygilant explains its mission with an unusual name. It is a combination of “cyber” and “vigilant,” so one can ascertain with a fair amount of accuracy what it does.

Specifically, Cygilant provides security as a cloud-based service; it added to its product line Oct. 24 by launching a new combined vulnerability and patch management subscription package. 

This approach—which the company describes as “industry-first”—to vulnerability and patch management is now available to companies that have invested in the Qualys, Rapid7 or Tenable vulnerability management platforms but don’t have the resources to prevent breaches from known exploitable vulnerabilities or unpatched systems.

This security issue has been prominent in the news recently. Enterprises effectively utilizing vulnerability and patch management can avoid catastrophic breaches such as the recent Equifax breach that exposed sensitive data for as many as 145.5 million U.S. consumers. Equifax IT personnel failed to install an available patch for their Apache Struts web-application software which cyber criminals were then able to easily exploit.

Everything is Auditable

Cygilant VPM provides IT teams with a single-service offering that combines continuous co-managed vulnerability management with auditable patch management and security engineering support from its global SOCs (security operations centers in Canada, India and the U.S.) to identify, prioritize and patch vulnerabilities in order to reduce the attack surface. 

“What we’re learned from customers is that they not only want to detect vulnerabilities but prioritize them and put in a well-defined process to patch those vulnerabilities in a timely manner,” President and CEO Vijay Basani told eWEEK. “A lot of times, you’re dealing with two different teams, or two different technologies, or two different processes—there might not be a well-defined workflow within the company to patch some vulnerabilities; you might miss some of them or apply some patches on some systems and miss others. There’s a lot of risk involved here.”

Cygilant Vulnerability and Patch Management is a subscription service that combines people, process, and technology to effectively detect and fix both old and new vulnerabilities and missing patches before they are successfully exploited. The VPM service includes:

  • Continuous Vulnerability Scanning: Cygilant’s Global SOC team of security engineers will schedule and manage Rapid7, Qualys, and Tenable vulnerability management solutions to continuously scan IT assets to identify vulnerabilities.
  • Risk-based Prioritization of Vulnerabilities: Cygilant’s GSOC team will prioritize vulnerabilities based on exploitability and business risk. 
  • Tailored Reporting: Cygilant’s GSOC will provide daily/weekly/monthly reporting  and  guidance on reducing the attack surface, keeping all stakeholders up-to-date.
  • Patch Management: Cygilant’s cloud-based Patch Management service identifies, analyzes, and reports on missing patches on operating systems, including Windows, Linux, and third-party applications such as Adobe and Java.
  • Auditable Change Management: Auditable workflow to review, approve, schedule, apply, and validate missing patches by asset type and group.
  • Compliance Support:  assistance with meeting compliance requirements related to vulnerability and patch management.
  • Dedicated GSOC team:  a dedicated Cygilant Service Delivery Manager, backed by GSOC security engineers, provides a force multiplier effect to manage vulnerability scans and patch large IT environments cost effectively.

For more information, go here.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor of Features & Analysis at eWEEK, responsible in large part for the publication's coverage areas. In his 12 years and more than 3,900 stories at eWEEK, he...