Snow Software Unveils Risk Monitor to Combat Security and Compliance Threats
October 2019 by Patrick LEBRETON
Enhancements bridge the gap between IT and security data to provide a complete view of known vulnerabilities and applications containing personally identifiable information across the technology environment
Snow Software announce enhancements to its Risk Monitor product to help organisations strengthen cybersecurity and compliance programs with complete insight across their technology landscape. Part of Snow’s powerful technology intelligence platform, Risk Monitor automatically provides a comprehensive and contextual view of where high-stakes vulnerabilities and personally identifiable information (PII) reside, providing the visibility needed to proactively mitigate potential threats.
A recent Accenture study found that the number of security breaches has increased by 67% in the last five years, while the financial impact of cybercrimes has increased by 72% in the same period. Yet the majority of breaches still come from cybercriminals exploiting known vulnerabilities. To counter these ongoing threats and help strengthen security protections, Snow’s Risk Monitor identifies and prioritises critical vulnerabilities based on the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD). It also helps organisations protect user data and comply with GDPR by identifying applications with PII based on Snow’s purpose-built database. Risk Monitor uses the same discovery agent for both asset management and vulnerability identification, providing organisations with a single source of truth that is augmented with trusted third-party as well as proprietary first-party data.
With Risk Monitor, organisations will be able to:
Identify and prioritise addressing, patching or remediating software vulnerabilities
Audit and augment existing security software with detailed IT ecosystem inventory data
Automate vulnerability identification and map to the technology estate, aligning with timelines mandated by cybersecurity frameworks and eliminating manual processes
Monitor and support management of software licenses with detailed metrics including end of life, end of support and vulnerability data
Discover and inventory software or applications containing PII to meet initial GDPR compliance mandates
With these enhancements, Snow’s platform provides the complete visibility required as a starting point for adherence to cybersecurity frameworks like NIST Cybersecurity Framework, Center for Internet Security (CIS), and those published by the International Organisation for Standardisation and International Electrotechnical Commission (such as ISO27001).