Helping large organizations efficiently manage global-scale vulnerability management programs
Adobe operates an extensive, global infrastructure. In these environments, executing scans, compiling results, and then managing vulnerabilities to closure is one of the biggest challenges in cybersecurity program management.
38North worked with Adobe by inventorying its global infrastructure scans and prioritizing systems by criticality. Then, a tool was developed to automatically parse scan results and outputs reporting in the various formats required to support compliance. 38North then onboarded systems into the tool while advising remediation, allowing us to consolidate vulnerability reporting and start a process for working on vulnerabilities. Finally, 38North developed an integration with the Adobe ticketing system to facilitate the creation of tickets for vulnerability management.
38North ultimately delivered a tool to Adobe that reduced the time required to process scan results from 120+ hours per month to a handful of minutes. 38North also automated compliance reporting and developed a process and integration for efficiently dealing with vulnerabilities across the enterprise.
Challenges
- Adobe needed to drive vulnerabilities to closure across a vast, global environment.
- As a large global organization, Adobe has to produce a high volume of compliance reporting and can only keep up if it can automate its components.
Solutions
- Cloud Security
- Security Engineering
Results
- A tool that efficiently processes and organizes scan findings across Adobe’s environment.
- Automatic creation of needed compliance artifacts.
- An effective process and ticketing system integration for driving vulnerabilities to closure across the enterprise.
