Critical Start Delivers Comprehensive Vulnerability Management Service and Vulnerability Prioritization Powered by Qualys VMDR

PLANO, TX, August 15, 2024 – Today, Critical Start, a leading provider of Managed Detection and Response (MDR) cybersecurity solutions and pioneer of Managed Cyber Risk Reduction (MCRR), announced the general availability of Critical Start Vulnerability Management Service (VMS) and Vulnerability Prioritization. These new offerings are a foundational pillar of Managed Cyber Risk Reduction, allowing organizations to assess, manage, prioritize, and reduce cyber risk exposure posed by vulnerabilities across their environments. 

Critical Start’s Vulnerability Management Service is a fully managed service that enables security leaders to effectively run a vulnerability management program by offloading burdensome operational tasks. The managed service leverages Critical Start’s collaboration with Qualys, utilizing its industry leading end-to-end vulnerability management, detection, and response solution (Qualys VMDR). Critical Start’s managed services engineers provide operational execution of vulnerability scanning, ongoing operational monitoring, and detailed reporting, all of which contribute to a comprehensive view of an organization’s exposure landscape. All findings provided to customers are based on expert analysis of vulnerabilities and potential exposures in the customer environment. Customers receive contextualized vulnerability reports and concise directions for effective and efficient vulnerability management that helps them reduce cyber risk and minimize their attack surface.  

The Vulnerability Prioritization capability (optionally included with Vulnerability Management Service or available standalone) identifies high-risk vulnerabilities as calculated by Critical Start based on multiple dimensions including CVSS scores, threat intelligence, exploit weaponization by attack type (ransomware, malware, botnet), asset criticality, and exposure settings due to technical security controls gaps. Critical Start’s Vulnerability Prioritization is founded in the platform’s Asset Visibility capability, which provides a unified asset inventory, calculates asset criticality, and identifies critical controls gaps. This allows security teams to focus remediation efforts on the vulnerabilities that pose the greatest risk and create the most significant exposures for their organizations.

“Organizations understand that effective vulnerability management is critical to reducing their cyber risk exposure, but many struggle with the complexity and effort involved in implementing and running an accurate and timely vulnerability management program,” said Chris Carlson, Chief Product Officer at Critical Start. “By providing Vulnerability Management Service and Vulnerability Prioritization built on top of end-to-end Asset Visibility, this key part of our holistic risk reduction approach enables security teams to easily identify, manage, prioritize, and address the vulnerabilities that matter most to meeting their organization’s risk tolerance, protecting against threats, and minimizing their overall exposure.”

“Collaborating with Critical Start to integrate Qualys Vulnerability Management Detection and Response (VMDR) into their new managed security service empowers our joint customers to identify and remediate vulnerabilities and monitor threats effectively, so they can stay focused on their core business operations,” said Shailesh Athalye, senior vice president, product management at Qualys. “We’re excited to work with Critical Start and extend this service to customers to detect, prioritize, and remediate vulnerabilities for risks of ransomware and loss of business operations.”  

Key benefits of Critical Start’s new offerings include: 

  • Foundational Asset Visibility: All Vulnerability Management Service and Vulnerability Prioritization customers gain access to a centralized, normalized, and deduplicated asset inventory built from their connected security tools that provides insights into asset criticality and security controls gaps. This lets customers determine weaknesses in their security posture while also giving them valuable insights into which assets pose the greatest risk if/when a breach occurs.
  • Turnkey vulnerability management program: Customers can offload the burden of vulnerability scanning configuration, tuning, and ongoing operational monitoring to Critical Start’s expert analysts, allowing their teams to focus on risk reduction and exposure management activities, with optional co-management for customers that want full visibility and control over their operational configurations.. 
  • Clear risk visibility and actionable reporting: Executive dashboards and reports provide an up-to-date view of key risk metrics, overall risk exposure, and trending over time. Detailed reporting enables effective communication about vulnerabilities and exposures with senior management, boards of directors, auditors, and other stakeholders. 
  • Risk-based vulnerability prioritization: Multi-vector analysis considers factors like asset criticality, exploitability, security control posture, and threat intelligence to identify the highest risk assts and vulnerabilities with the most significant exposures requiring urgent attention.
  • Improved vulnerability outcomes: Consolidating vulnerability and exposure data eliminates manual effort and allows quick access to information for reporting, decision-making, budgeting, and compliance needs.
  • Integration with the Critical Start Platform – Users see their vulnerability results and prioritized remediation recommendations in the same user interface of the Critical Start Cyber Operations Risk and Response™ (CORR) platform as their Managed Detection and Response alerts, asset inventory and security controls gaps, and Risk Assessment posture and improvement recommendations. 

These new services complement Critical Start MDR services by addressing vulnerabilities before they can be exploited. When combined with MDR, customers have a comprehensive security strategy that covers both preemptive measures and reactive measures. 

For more information on Critical Start Vulnerability Management Service and Vulnerability Prioritization capabilities, visit: Critical Start Vulnerability Management.

About Critical Start 

rganizations today face the challenge of optimally aligning their cyber protection measures to reduce the risk of breaches and business disruptions. CRITICALSTART® Managed Detection and Response (MDR) is the foundation to Managed Cyber Risk Reduction, which improves security operations outcomes and minimizes the probability and impact of breaches. Utilizing their Cyber Operations Risk & Response™ platform, they integrate industry-leading tools and proactive cybersecurity intelligence into the Security Operations Center (SOC) — such as comprehensive asset inventories, EDR coverage gaps, asset criticality, MITRE ATT&CK® Mitigations, and vulnerability management. Their security operations team evaluates and responds to threats, vulnerabilities, and risks, while conducting extensive threat intelligence research. Supported by a human-led risk and security operations team with over 10 years of MDR experience, Critical Start empowers businesses to protect their critical assets, demonstrating a measurable return on investment. 

The platform offers maturity assessments, peer benchmarking, posture and event analytics, and robust response capabilities. This approach ensures that organizations achieve optimal cyber risk reduction for every dollar spent, enabling them to confidently reach their desired risk tolerance levels. 

For more information, visit criticalstart.com. Follow Critical Start on LinkedIn, @CRITICALSTART, or on Twitter, @CRITICALSTART. Follow Critical Start on LinkedIn, X, Facebook, Instagram

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.