Streamline Remediation: Evidence-Backed Vulnerability Management for PTaaS with the BreachLock Unified Platform

Unify your security testing with the BreachLock Unified Platform consolidating all your product solutions and test findings. Leverage a common data model, validate attack paths, and map your entire attack surface – all in one place.

BreachLock breaks down silos and connects solutions to deliver a unified view of your security landscape for comprehensive asset visibility. By leveraging the power of integration, BreachLock consolidates PTaaS, Attack Surface Management, Continuous Pentesting and Automated Scanning, as well as Red Teaming capabilities in one data model for endless clarity and reporting.

Unlock unparalleled operational efficiency, gain crystal-clear transparency, maximize the impact of your security testing, and confidently measure ROI—all with a comprehensive, centralized view of your security investments and outcomes.

PTaaS: Vulnerabilities

This capability showcases Penetration Testing as a Service (PTaaS) as part of the BreachLock Unified Platform, and the Vulnerabilities feature integrated alongside BreachLock’s other offensive security solutions in the platform. BreachLock’s PTaaS model offers human-led (manual) pentesting conducted by certified, in-house pentesters, as well as automated pentesting and continuous scanning, maximizing the flexibility and versatility to choose the solution and methodology that works best for each organization.

Within the platform, vulnerabilities appear under PTaaS and offer a cumulative, rolled-up view of all vulnerabilities discovered through the manual pentesting process.

PTaaS: Vulnerabilities Dashboard Overview

BreachLock Integrated Platform PTaaS: Vulnerabilities Dashboard Overview Screenshot

Vulnerabilities discovered are itemized and include the name of the vulnerability, the pentest the vulnerability is associated with, its risk severity, assets impacted by that vulnerability, when the vulnerability was identified, and lastly the ability to generate a rescan.

The user can search by a specific vulnerability, by risk, or by mitigation status.

PTaaS: Vulnerabilities Filtered by Risk

BreachLock Integrated Platform PTaaS: Vulnerabilities Filtered by Risk Screenshot

By clicking on “All Risks”, a drop-down menu appears with the option to filter by Critical (a vulnerability representing the most severe level of threat, with exploitation likely), High (severe vulnerabilities that are typically less devastating than Critical, but whose exploitation could still significantly compromise systems), Medium (vulnerabilities that can cause harm but are less likely to be exploitable and may have a lower overall impact), Low (minor security implications, or issues that are difficult to exploit), or Informational (findings that do not indicate a vulnerability but provide details about system behavior or configuration to improve security awareness).

PTaaS: Vulnerabilities Filtered by Mitigation Status

BreachLock Integrated Platform PTaaS: Vulnerabilities Filtered by Mitigation Status Screenshot

Adjacent to the “All Risks” tab is another drop-down menu in which users can filter between Unpatched (those vulnerabilities that have not been patched, updated, or mitigated yet), and Patched (those vulnerabilities that have been patched or updated).

Contextual Data

Users will also have the ability to investigate the vulnerabilities identified through pentesting more in-depth and review contextual data associated with each vulnerability. Contextual data is important in pentesting because it helps to understand the root cause, potential impact, and exploitability of a vulnerability, enabling more effective remediation and risk prioritization.

PTaaS: Filter by Vulnerability Severity

BreachLock Integrated Platform PTaaS: Filter by Vulnerability Severity Screenshot

Users, for example, can filter for High severity and unpatched vulnerabilities as these would be very important to address right away.

PTaaS: Vulnerability Details

BreachLock Integrated Platform PTaaS: Vulnerability Details Screenshot

Vulnerability details will provide users with the following contextual data:

  • Risk severity
  • Name of the vulnerability
  • # of Assets Impacted
  • CVSS Score and CVSS Vector (BreachLock supports both CVSS 3 and CVSS 4)
  • Vulnerability Description: This includes a description of the vulnerability itself, where it may have originated, and the potential impact if no action is taken. This is not just a line item: it is part of a rolled-up view that shows how many assets are affected by that specific vulnerability, for easier consumption.
  • Remediation Recommendation: This is an expert recommendation for remediating the vulnerability.
  • Assets Impacted: Each asset is labeled “New Discovered” if the vulnerability has been identified on it for the first time, or “Rediscovered” if the vulnerability has been seen before and is found again on this asset.

So, for example, if a vulnerability is discovered for the first time, it is labeled “New Discovered”, and our experts let the client know it is a newly discovered vulnerability that should appear on their radar as new.

A vulnerability can be newly discovered more than once, because each discovery is associated with a specific asset: two different assets could be impacted by the same vulnerability, and on each of them it is a new vulnerability seen for the first time. In the example shown, only one asset is impacted.

  • Proof of Concept: Clicking on each asset shows the vulnerability history for that impacted asset. This includes whether the vulnerability is new or rediscovered, any updated findings, URLs that may be vulnerable, a description of the vulnerability and, most importantly, a Proof of Concept (POC): concrete evidence demonstrating that the vulnerability is a true positive rather than a false positive, and an actual risk to the organization.
  • Vulnerability Standards: Vulnerability Standards refer to standards specific to an industry and target asset type, for example OWASP Top 10 A1:2021 Broken Access Control, OWASP ASVS L2, the NIST Cyber Security Framework, and others. The applicable vulnerability standards are visible in this section.
  • Compliance Standards: If the discovered vulnerability maps to any compliance framework requirements, the compliance framework name is visible here. Compliance Standards might include, for example, SOC 2, ISO 27001, PCI-DSS v4.0, etc.
  • References: References provide more information about the finding and how to correct it. BreachLock provides a description and recommendation, but users who want to read more about the vulnerability can follow the reference links.
  • Comments: Lastly, comments can be left for the team about any vulnerability that needs to be reviewed or answered. Users can reply by adding a comment at the bottom, or add any comments of their own.

Rescanning a Vulnerability

Automated rescans are important for pentests and are simple to trigger with “Rescan” in the BreachLock Unified Platform. A user might rescan a pentest or a specific vulnerability to verify that the identified issue has been resolved, assess any changes made to the system, or check for new vulnerabilities that may have emerged. The benefits include confirming the effectiveness of remediation efforts, ensuring that no new risks have been introduced, and maintaining an up-to-date understanding of the security posture.

PTaaS: Vulnerability Rescan

BreachLock Integrated Platform PTaaS: Vulnerability Rescan Screenshot

Automated rescans are available for each vulnerability. Clicking on a vulnerability triggers the scan on all impacted assets, and validation checks are executed for that vulnerability only.

  • Mitigated: The “Rescan” box turns gray, meaning the automated rescan has been initiated. Rescans are often run to ensure that the vulnerability has been mitigated effectively and that the controls put in place are working. If that is the case, the vulnerability moves to “Patched” vulnerabilities immediately.
  • Not Mitigated: If the vulnerability is not properly mitigated, it remains Unpatched, and the assets are labeled “Rediscovered”, meaning the vulnerability has been rediscovered on those assets. The Proof of Concept, or evidence recorded against the asset, is updated as well.
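The asset labeling and rescan outcomes described above, modelled as an added Python example (not BreachLock's code): the Vulnerability and AssetFinding classes, the risk/status filter, the validate callback interface and the sample names used in tests are all assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


@dataclass
class AssetFinding:
    asset: str
    label: str   # "New Discovered" on first sighting, "Rediscovered" afterwards
    poc: str     # evidence (Proof of Concept) recorded against this asset


@dataclass
class Vulnerability:
    name: str
    pentest: str
    risk: str                                                  # e.g. "High"
    status: str = "Unpatched"                                  # or "Patched"
    assets: Dict[str, AssetFinding] = field(default_factory=dict)

    def record(self, asset: str, poc: str) -> AssetFinding:
        """Attach a sighting to an asset; the label depends on that asset's history."""
        label = "Rediscovered" if asset in self.assets else "New Discovered"
        self.assets[asset] = AssetFinding(asset, label, poc)
        return self.assets[asset]


def filter_vulns(vulns: List[Vulnerability], risk: Optional[str] = None,
                 status: Optional[str] = None) -> List[Vulnerability]:
    """Mirror the two dashboard drop-downs: "All Risks" and mitigation status."""
    return [v for v in vulns
            if (risk is None or v.risk == risk) and (status is None or v.status == status)]


def rescan(vuln: Vulnerability, validate: Callable[[str], Optional[str]]) -> str:
    """Re-run the validation check on every impacted asset of one vulnerability.

    validate(asset) (assumed interface) returns fresh PoC evidence when the issue
    still reproduces, or None when it does not. No surviving asset means the
    vulnerability moves to Patched; each surviving asset is relabeled Rediscovered.
    """
    survivors = {a: validate(a) for a in vuln.assets}
    survivors = {a: poc for a, poc in survivors.items() if poc is not None}
    if not survivors:
        vuln.status = "Patched"
        return "Mitigated"
    for asset, poc in survivors.items():
        vuln.assets[asset] = AssetFinding(asset, "Rediscovered", poc)
    vuln.status = "Unpatched"
    return "Not Mitigated"
```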

By consolidating pentesting vulnerabilities and test findings in one unified platform, organizations eliminate the inefficiencies of switching between multiple tools and systems, centralizing automated workflows across all solutions and accelerating the remediation and reporting processes.

With findings all in one place, the BreachLock Unified Platform unifies analytics and shares insights across DevSecOps teams, enabling faster decision-making based on real threats and their potential impact. With high-fidelity data, users can better understand vulnerable assets and why they may be business critical.

Watch all demos of The BreachLock Unified Platform here.

Author

Ann Chesbrough

Vice President of Product Marketing, BreachLock
