At a Glance

Cisco Public

Cisco Vulnerability
Management Advantage
Reduce risk efficiently with data-driven vulnerability prioritization
Cisco Vulnerability Management (formerly Kenna.VM) is a scalable SaaS solution that Streamline and reduce
leverages real-world exploit data and predictive modeling to provide remediation effort and significantly
a real risk score of each vulnerability, helping security teams better prioritize their
remediation strategies. lower your business risk.
There are millions of vulnerabilities within your Cisco Vulnerability Management Advantage
enterprise and patching each one isn’t possible. enables more effective vulnerability management
Your security team struggles to understand which by aligning Security, IT, and business leaders around technology translates enterprise data and real-
vulnerabilities to prioritize, and your IT team faces a risk-based approach. Offered as software-as- world exploit activity into actionable intelligence to
long patch lists with little guidance. Meanwhile, a-service (SaaS), Cisco Vulnerability Management guide remediation efforts and resource allocation.
executive management needs to understand the helps you understand the true risk profile of each With Cisco Vulnerability Management, you can
business’s risk posture and how to mitigate a vulnerability within your organization. With risk confidently prioritize the vulnerabilities that pose a
future security disaster. scoring powered by data science, machine learning, real risk and confidently deprioritize the vast majority
and patented approaches to predictive modeling, that do not.
Cisco Vulnerability Management’s prioritization
© 2024 Cisco and/or its affiliates. All rights reserved.

Focus on the vulnerabilities that matter
Cisco Vulnerability Management analyzes billions
of pieces of information to understand what
attackers are doing in the wild. This ground truth
telemetry determines variables like the volume and
velocity of exploitation in the wild, if a vulnerability
has weaponized capabilities, and if it can be
exploited by malware. Combining this information
with internal security data, Cisco Vulnerability
Management determines the risk score of each
unique vulnerability and group of assets.
Cisco Vulnerability Management’s risk scoring
accounts for the number of instances of
each vulnerability in your environment, the
potential severity, and the assets that are
threatened. You will understand, in real time,
your organization’s risk posture and—more
importantly—the actions you can take to affect
the greatest impact on risk reduction.
© 2024 Cisco and/or its affiliates. All rights reserved.
With Cisco Vulnerability Management Advantage, you can:
• Stay ahead of high-risk vulnerabilities
using Cisco Vulnerability Management’s
patented predictive modeling, which forecasts
the weaponization of vulnerabilities with
a confirmed 94 percent accuracy rate.
This gives your organization the foresight
needed to remediate high-risk vulnerabilities
before attackers can mount an attack.
• Centralize your vulnerability data in one location
and connect to your ticketing system so IT knows
what to fix, how, and why. Cisco Vulnerability
Management can ingest and analyze security
data from a wide range of sources and transform
it into actionable intelligence. Bi-directional
communication and automated tracking keep
security teams informed about ticket progress.
At a Glance
Cisco Public
• Reduce risk fast with “Top Fix Groups” that
guide you on which vulnerabilities should
be fixed first and their impact on your risk
score. Vulnerabilities are prioritized based on
the risk score and not solely on how many
assets will be impacted, which generates an
increase in efficacy across all vulnerabilities.
• Investigate your risk score, benchmark
against industry peers, and report using
meaningful metrics and easy-to-understand
color coding. Detailed, highly customizable
reports with trendlines to show how the
organization’s risk posture has changed
over time to help build and maintain
confidence in the security team’s capabilities
and demonstrate measurable results.
 At a Glance
Cisco Public

Benefits Risk Meter

• Measure risk by combining vulnerability data, asset Cisco Vulnerability Management’s risk scoring factors in the number
information, and real-time threat intelligence of instances of each vulnerability in your environment, their potential
• Prioritize and proactively manage high-risk vulnerabilities that pose severity, and the assets that are threatened as a result of each of
the most risk to the organization those vulnerabilities.

• Predict the weaponization of vulnerabilities the instant they’re

discovered with predictive modeling technology
• Integrate with your vulnerability scanners, ticketing systems, and other
security tools and maximize efficiency across the organization
700 620 300
• Align IT and Security with evidence-based prioritization
and self-service remediation workflows

1000 0
High Risk Low Risk
 At a Glance
Cisco Public

Features and capabilities

Cisco Vulnerability Management Advantage Premier
If you’re ready to level-up your
Vulnerability Data Ingestion
vulnerability management, request a
Risk Meters (Asset Groups)
demo today to see Cisco Vulnerability
Scoring for Vulnerabilities, Assets, and Risk Meters
Management in action.
Top Fix Groups
Ticketing System Integration
Risk Meter Reporting
Learn more about Cisco
Peer Benchmarking (Risk Score, MTTR, Vulnerability Density)
Application Security module (Available Add-On)
Vulnerability Management
Remediation Analytics and Scoring Advantage at www.cisco.com.
Zero-Day Intelligence powered by Talos
Vulnerability Intelligence Tab within User Interface
Vulnerability Intelligence API

Add-Ons
© 2023 Cisco and/or its affiliates. All rights reserved. Cisco and the
Application Security module Cisco logo are trademarks or registered trademarks of Cisco and/
or its affiliates in the U.S. and other countries. To view a list of Cisco
Private Deployment trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party
trademarks mentioned are the property of their respective owners.
Test Enviroments The use of the word partner does not imply a partnership relationship
between Cisco and any other company. 953950113 06/24