We changed our name from IT Central Station: Here's why

Vulnerability Management and Risk Management Integration

Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?

ITCS user
23 Answers

author avatar

Yes, take a look at DeepSurface. It’s designed to automate the process. 

author avatarJairo Willian Pereira
Top 5LeaderboardReal User

@James Dirksen thanks, i'll check it.

author avatar

Clear use with the NIST compliance framework, Archer IRM 6.9.sp3.p2, use of pre-processing out of Archer and now integration with agnostic tools. 

FOSS or premium brands - all depends on your supply chain risk. 

Support for qualitative nice to get a bow-tie on when quantitative data works for you. Add your methods, AWARE, FAIR, COBIT, ATT&CK; all visuals.

Find out what your peers are saying about Tenable Network Security, Rapid7, Morphisec and others in Vulnerability Management. Updated: January 2022.
563,780 professionals have used our research since 2012.