A multinational automotive manufacturing company with operations in approximately 150 countries. With a mix of legacy and modern environments, the client was struggling to contain and remediate vulnerabilities with skyrocketing risk exposure. Traditional way of managing vulnerabilities led to very high number of critical vulnerabilities unpatched for very long times, improper tracking and reporting, inefficiencies due to lack of automation and application of threat intelligence.
Mphasis helped the client in –
• Establishing a comprehensive, Gartner’s CARTA aligned, Vulnerability Management Program that used intelligence to prioritize vulnerability remediation efforts
• Performing vulnerability and compliance checks to meet NIST and CIS benchmarks
• Identifying rogue machines which might endanger overall system and network security
• Assessing vendor, system and user originated vulnerabilities across information systems
• Planning and executing patches in a phased manner, based on business dependency and vulnerability criticality, exploit availability, business criticality of impacted systems, nature of compensating controls available
• Integration with Mphasis InfraGenie™ for effective task distribution and better visibility on progress
• Remediation prioritization by calculating business impact to each asset based on identified vulnerabilities
• Consolidated reporting providing context and insight about each vulnerability, including trends, predictions and potential solutions
• Maximizing ROI from existing investments
Mphasis solution helped the client in -
• Reducing more than 80% of vulnerabilities in a period of 3 months
• Providing visibility of previously unidentified risks along with current risk vectors in the environment
• Expedited reduction of vulnerabilities in the environment
• Planning and decisions on future roadmap of infrastructure and application upgrades/ changes required to reduce risks