TARA Client Success

Addressing Risks for a Global Manufacturing Firm

The Challenge

A Michigan-based manufacturing firm struggled with addressing the risks associated with software vulnerabilities at facilities around the globe.

As scanning operations ramped up, it was apparent that there just were not enough hours in the month to keep up with all the findings. 

The Solution

TARA Targeted the riskiest vulnerabilities.

Using the TARA platform, the client gained insights to the riskiest vulnerabilities regardless of the ranking assigned by the scanning technology. Using a “typical” monthly scan result pulled from the client environment, 30,000 vulnerabilities represent a much different outcome when managed with TARA.

Traditional Approach

  • Focuses on Critical and High vulnerabilities
  • 9,100 must be patched each month
  • Addresses 40% of overall risk
  • Some of the riskiest vulnerabilities (medium) are never reviewed

TARA Risked-Based Approach

  • Targets about 1% of total vulnerabilities for patching
  • 250 must be patched each month
  • Addresses 70% of overall risk
  • Highlights riskiest vulnerabilities for immediate remediation
The Benefit

TARA dramatically improved risk coverage for this Global Manufacturing Firm.

The outcome was startling, and the insights provided by TARA reduced mitigation workload by 97%… dramatically improving risk coverage.  Another interesting revelation was the high percentage of Medium (CVSS) vulnerabilities that had high risk scores.  Nearly 60% of the riskiest vulnerabilities were under a medium risk designation when ranked by the vulnerability scanner. On an average month, using the “Traditional” approach…55 of the riskiest vulnerabilities (medium) will never be reviewed or mitigated.

0%

Reduction in Mitigation Workload

0%

Riskiest Vulnerabilities Classified as Medium

+0%

Improvement in Risk Coverage over a Traditional Approach