RiskSense Unifies Application and Infrastructure Security Risk Management

RiskSense®, Inc., pioneering risk-based vulnerability management and prioritization, has announced a new version of the cloud-delivered RiskSense platform that harmonizes threat analysis, prioritization and risk scoring across network-based assets as well as applications, the company said.

Unlike competitive approaches which provide separate views of infrastructure and application vulnerabilities, RiskSense automatically calculates risk across CVEs and CWEs for a full-spectrum view.

To provide visibility across both infrastructure and application vulnerability risk exposure from development through production, RiskSense aggregates and normalizes outputs from multiple data sources including SAST, DAST, Open Source Software (OSS), containers, pen testing and bug bounty programs. This holistic approach enables organizations to easily pinpoint and fix vulnerabilities in their attack surface regardless of the application Stack, code weakness location, or infrastructure point.

RiskSense consumes heterogeneous vendor and application scanner data, including both CVE and CWE information, incorporates threat context, and calculates risk as a single unit of measure called the RiskSense Vulnerability Risk Rating (VRR) to deliver the highest-fidelity risk prioritization.

RiskSense®, Inc. provides vulnerability management and prioritization to measure and control cybersecurity risk. The cloud-based RiskSense platform uses a foundation of risk-based scoring, analytics, and technology-accelerated pen testing to identify critical security weaknesses with corresponding remediation action plans, dramatically improving security and IT team efficiency and effectiveness. For more information, visit www.risksense.com.