Delivering an end-to-end Vulnerability Management programme to reduce attack surface
A cosmetic manufacturer company, headquartered in US, which has 500 employees across seven offices globally. The company designs and manufacturers exclusive brands and private labels for mass, drug and specialty retailers and provide outsourcing solutions to leading beauty companies operating worldwide.
- The business was recently acquired by a Private Equity firm with a mandate to uplift the entire security posture of the company. The requirements covered all aspects of information security with a global footprint and a need to provide ongoing security management over several years.
- The customer was seeking a security partner who could implement and run a breath of security services globally, at a commercial point commensurable with a mid-size enterprise.
Theos delivered an end-to-end VM programme, which includes the following:
- Implement vulnerabilities scanning platform and configure scan templates and schedules.
- Performed Vulnerability Discovery & Penetration Testing: initially perform a vulnerability discovery on all its Internet facing systems, and conduct penetration testing on up to 3 external-facing applications or systems.
- Deliver Vulnerability Management: scanning the entire estate for vulnerabilities, which will then be validated and remediated by Theos. Theos does validate findings and dismiss false positives to facilitate the remediation process and ensure a quicker time to fix issues.
Security values delivered to the customer:
- Both external and internal network risk down FROM critical TO medium during first quarter implementation.
- External network – low risk maintained for 7 months straight since the completion of the implementation.
- Internal Network – continuous VM practice enables system owners to remediate vulnerabilities as they are discovered.