Clarus is an end-to-end vulnerability management service used by organisations to identify, highlight and manage vulnerabilities. The Clarus service encompasses vulnerability identification and analysis by skilled security consultants.
What is Clarus?
Clarus delivers vulnerability management for our clients – managing the entire process from deployment, delivery of continuous scanning, through to the creation of actionable insights via our intuitive and easy to interpret vulnerability remediation tracker.
Our approach at Clarus adds the human element which is often found missing from today’s overly automated approach to vulnerability scanning. Our experts remove the complexity and ‘noise’ associated with automated vulnerability scanning and deliver actionable insights that enable organisations to undertake timely risk-based activity which has been shown to reduce the likelihood of a cybersecurity breach.
The Clarus Model
1. Deployment and Continuous Assessment
Weekly, monthly or quarterly; internal, external or both? It’s your call. We work with you to agree the most appropriate timing and location for the active scanning. What is important is to understand that every environment is unique and so should be your approach to vulnerability scanning.
We use a bespoke configuration profile to achieve the best results. By correctly tailoring the configuration of the scanning platform against the technology base within the environment, and through advanced configuration settings, the Clarus approach delivers a deeper level of assessment.
2. Intelligent Analysis
Human intelligence not artificial. By leveraging our attack-led knowledge, gained through extensive security testing and in response to real life cyber incidents, scan data is interrogated and the raw data critically assessed. We remove false-positives, eliminate noise (findings that have no risk impact or informational notes that add no value) and most importantly, re-categorise risk levels for individual findings based on real-world knowledge of how vulnerabilities are leveraged.
3. Remediation Tracking
Who needs a 300 page autogenerated report when what you need is actionable insights? Clarus provides a highly scalable, cloud-based remediation tracker. It is built on enterprise grade software that has been developed in response to the need to help organisations undertake timely risk-based remediation and is clearly shown to reduce the likelihood of a cybersecurity breach.
Within the Clarus portal, the detail of each vulnerability has been captured in an innovative and easy to interpret vulnerability remediation tracker. This is used to track vulnerabilities from discovery to remediation. Future scans are then used to validate successful remediation and identify exposure to new vulnerabilities.
- Human analysis
- Clear business focussed advice
- Actionable and prioritised insights
- Reduce the likelihood of a cyber breach
- Enterprise-grade solution
- Accessible to all – SME to large scale organisations
Legacy approaches to vulnerability management rely on automated tools and the output of a standard generated report. These often contain superfluous findings, false-positives and incorrectly assigned risk ratings. This level of noise creates a technical barrier against organisations being able to make informed decisions and can lead to an increased likelihood of a breach.
What is needed is intelligent analysis of the automated data.
Clarus addresses this market need by putting the human element back into automation and providing the capability to identify and remediate security related vulnerabilities in a timely manner. Vulnerability data is validated and translated into a business focussed, cloud-based, remediation tracker, thus removing the technical barrier and enabling organisations to directly reduce the likelihood and impact of a breach.
“Working with Clarus has always felt like a partnership. The team has worked with us to create a bespoke approach to vulnerability scanning that is tailored entirely to our business needs. We find the most useful aspect of the service is the intelligent analysis of the output to turn complex data into actionable output.”The Institute of Chartered Accountants of Scotland (ICAS)