IGI CyberLabs has rolled out an updated edition of its Nodeware continuous vulnerability management solution with enhanced scanning capabilities.
Available immediately at no additional cost to existing Nodeware subscribers, the new functionality draws on credentialed scans to do a “deep dive” into secured endpoints, resulting in more specific information about defensive gaps and fewer false positives, according to Frank Raimondi, the vendor’s vice president of channel development. The new release gives users more detailed remediation advice as well, he continues.
“It really enables them to do things a lot quicker and more productively,” says Raimondi, who spoke with ChannelPro during yesterday’s SMB Forum event in Los Angeles.
Integris, an MSP with offices in over 20 locations, says the expanded remediation instructions are saving its technicians 2.5 hours each a day on average.
“You’re talking about 25% of somebody’s workday,” says IGI CyberLabs President Stuart Cohen, noting that time savings like that translate to money saved that MSPs can pass on to their customers or use to bundle continuous vulnerability management into an existing service package without raising prices.
Affordability, Cohen says, is one of several attributes that make Nodeware a better fit for most MSPs and SMBs than pricier enterprise vulnerability management solutions from companies like Tenable and Qualys. The system’s light impact on network performance, he continues, is another.
“We’re running during normal business hours with no network degradation, one to two percent at the most,” Cohen says. “That’s what our competitors can’t do.”
Nodeware has an edge over competitive offerings in ease of use too, he adds. “You literally can install Nodeware, run a network scan of your environment, and within a couple of hours you can produce an executive summary,” Cohen says.
Multiple factors are currently driving increased demand for continuous vulnerability management solutions, including regulatory directives. IGI CyberLabs, for example, recently forged an alliance with compliance consultancy KPA and compliance management technology provider Sensitive Data Protect to include Nodeware in solutions designed to help car, RV, and boat dealers comply with updated data privacy rules from the Federal Trade Commission. The new guidelines, which go into effect December 9th, require businesses that collect consumer finance data to either conduct an annual penetration test or perform the kind of continuous monitoring and management of vulnerabilities that Nodeware is designed to supply. Cohen expects that mandate to have dealers scrambling in response for many months to come.
“The deadline’s December 9th, but it’s going to be a long time before that’s really done,” he says, noting that security frameworks from entities like NIST and the Center for Internet Security have begun requiring continuous vulnerability management as well.
“Two years ago, all you had to do was a vulnerability scan once a year to meet that same check box,” Cohen observes.
Cyber insurance companies are increasingly making continuous vulnerability monitoring mandatory for policy holders too, Raimondi notes. “They want to make sure that their customers are doing the things they said they were going to do,” he explains.