News
BackBox Unveils Major Update to Network Vulnerability Manager
March 2024 by Marc Jacob
After releasing Network Vulnerability Manager (NVM) in Q4 2023, BackBox has announced a major platform feature update that gives customers the ability to mark irrelevant or already-mitigated Common Vulnerabilities and Exposures (CVEs) as "mitigated," helping network teams manage CVEs and their relevance to the organization.
In addition, as CVEs are marked as mitigated, the organization’s risk scores are adjusted to provide an accurate view of the impact vulnerabilities have on overall security posture and to help best prioritize vulnerability remediation. BackBox has also improved its User Interface (UI) to help network engineers manage mitigated CVEs and give them the flexibility to view their organization’s risk posture either by CVE or by device. Service providers get additional flexibility to view risk posture by customer or site.
According to a 2022 analysis of CVEs data, "unpatched software is a top three access route for hackers and patching remains the single most important thing you can do to secure your technology."
BackBox launched Network Vulnerability Manager in October 2023 to integrate automated OS upgrades and network configuration management capabilities with network vulnerability management into common workflows. NVM is purpose-built for network teams to easily discover vulnerabilities in their network, prioritize CVEs according to their unique risk profile, and automate remediation, no matter the network complexity.
In a 2023 survey conducted by Wakefield Research on behalf of BackBox, 92% of 250 network and security operations professionals said there are more network updates needed than they can keep up with, and 61% of companies reported that they only upgrade network and security devices quarterly or less frequently. Nearly half (48%) of survey respondents said their company has not implemented or invested deeply in network automation, opening them up to security breaches, ransomware, and other serious issues.
NVM differentiators include:
Delivering contextual information about CVE severity through a rich data feed that integrates information from CISA, the National Vulnerability Database (NVD), the National Institute of Standards and Technology (NIST), and vendor websites.
Helping put vulnerabilities in context with a risk score so that network engineers can prioritize remediation based on potential impact to the organization.
Enabling network teams to take action against vulnerabilities and automate the remediation process to stay ahead of vulnerabilities.
