Find It and Fix It: Integrated Vulnerability Management and Patching

• 网络安全和隐私 - 数据库安全
• 网络安全和隐私 - 网络安全

• 石油和天然气

• 离散制造
• 维护

• 网络安全
• 预测性维护

• 软件设计与工程服务
• 系统集成

SM Energy Company, an independent energy company engaged in the acquisition, exploration, development, and production of crude oil, natural gas, and natural gas liquids in onshore North America, was facing challenges in vulnerability assessment and patch management. With a team of only two individuals devoted to patching and scans, the organization was unable to put a formal remediation strategy in place due to lack of useful information. With over 700 users on the network located all over the United States, SM Energy was in need of a solution that would ease the burden of patching and increase the overall security program effectiveness without the high cost of redesigning critical infrastructure. They were using SCCM, Microsoft System Center Configuration Manager, as a standalone product, which required a lot of time to deploy patches and then validate that they were deployed correctly. However, there was no visible or measurable outcome from this patching effort that showcased if they were providing a better security stance.

SM Energy Company is an independent energy company engaged in the acquisition, exploration, development, and production of crude oil, natural gas, and natural gas liquids in onshore North America. The company operates in four core areas managed by four regional offices in Tulsa, Oklahoma; Billings, Montana; Midland, Texas; and Houston, Texas. Each office is staffed with a full complement of geologists, geophysicists, engineers, and landmen who have extensive experience in the region or basin where they work. The company has over 700 users on its network located all over the United States.

SM Energy Company chose Retina CS, a solution from BeyondTrust, to handle their needs. Retina CS is the only vulnerability management platform designed from the ground up to provide IT security professionals with context-aware vulnerability assessment and risk analysis. Retina’s results-oriented architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud and virtual infrastructure. With the most powerful reporting and analytics capabilities in its class, Retina makes it easy to make smart decisions, effectively communicate risk, and report vulnerability management progress to executives and compliance auditors. Built to scale and perform in large environments, Retina CS provides centralized command and control over assessments of disparate and heterogeneous infrastructure. The Retina CS solution with patching services was able to comprehensively fulfill SM Energy’s needs, providing patch management and vulnerability assessment capabilities while maintaining the existing infrastructure including their SCCM implementation.

• Retina CS allowed for a scanning solution that was fully integrated with patch management and streamlined the patching process based on real security risk to their infrastructure.
• They were able to deploy patches directly from the Retina CS platform and automate the whole process.