The client is one of the leading investment companies in Singapore. They were facing challenges during vulnerability closure and coverage of all the assets in their network.

Infosys helped in performing Infrastructure and Container Vulnerability Management, thereby reducing overall vulnerabilities in the client environment.

Key Challenges

  • Huge number of open vulnerabilities
  • Incomplete asset scanning coverage
  • Inconsistent scan results
  • No streamlined process of exception deviation and false positive handling
Line

The Solution

Regular scanning and elimination of vulnerabilities

  • Performed inventory reconciliation and host discovery scan to address asset scanning coverage to 100%
  • Enhanced scan template in vulnerability assessment scanning tool for improving consistency in scan results
  • Introduced process of exception for the vulnerabilities which could not be fixed due to several dependencies
  • Conducted monthly governance meetings which improved the SLA
Line

Benefits

Reduction in overall vulnerabilities

50% container related vulnerabilities remediated within a span of 1 month

50% container related vulnerabilities remediated within a span of 1 month

Achieved 100% asset scanning coverage

Achieved 100% asset scanning coverage

Enhanced reporting as a result of critical policy changes to scan template

Enhanced reporting as a result of critical policy changes to scan template

Improved quality of vulnerability management with exception forms and multistage false positive review

Improved quality of vulnerability management with exception forms and multistage false positive review

Improved remediation percentage from 60% to 90% post periodic governance meetings

Improved remediation percentage from 60% to 90% post periodic governance meetings