
Vulnerability Management Beyond E-SPIN

The world keeps changing, and rapidly. Not long ago we saw the vulnerability management landscape change with the introduction of "container security". Vendors can be divided into those who already have it, those who are working on it, and those who do not see it as part of their own solution and will instead integrate with, or work with, a third party for it.

Over the past five years the same happened with the initial introduction of cloud security and cloud-based vulnerability scanners into vulnerability management, and those who possess that capability have now grown, in internet time, into the few large players in the market. The world keeps repeating the same pattern: technology keeps being introduced, and you either adapt to it or you are out of the business. We also saw players exit the market within that five-year horizon which, as markets go, is not really that long. If you cannot commit the resources for head-to-head competition, it is better to give up that ground and focus on the areas where you have core strengths and competency.

In an industry that has been established for so long, the traditional vulnerability management (VM) market has seen a long list of changes: new technology, takeovers, companies going out of business, changes of vendor direction and changes of business model.

This article focuses on a few interesting topics.

The traditional vulnerability management market is now full of commercial and open source players. It also includes threat management (TM) players who now offer vulnerability management (VM) through horizontal or vertical, forward or backward integration or expansion. From the market and user point of view, a total, unified solution that lowers total cost of ownership continues to be a strong value proposition. Apart from hardcore expert users, who depend on specialized and more technically advanced or complex tools and products, generic all-in-one products continue to deliver substantial benefits and command the bulk of the market. Value is what matters: if you cannot provide better functionality, you need to price accordingly.

Professional and expert users who know exactly what they want to accomplish, and have the know-how to do it, do not surprise us when they choose open source tools, provided they have the competency to use them.

What we see most in the enterprise market is that buyers prefer report-friendly tools that are simple to operate and carry more "automation" features. This continues to be the market-dominance approach of the big players, who keep proposing more and more features and functionality in a comprehensive offering. Every commercial player aims to be the preferred vendor, the chosen one.

The majority of buyers will settle for a generic all-in-one vulnerability management tool or suite, ranging from affordable unlimited-IP licences to solutions licensed for a small IP node asset count, rather than committing to a huge IP block. Bear in mind that open source alternatives continue to exist; keep checking whether the investment in a commercial product outweighs its cost.

A few areas of development are worth following closely.

Toward cloud. There are still some very traditional industries and markets that do not accept cloud, but it is future-proof, and there is evidence all over the world of how cloud-architected solutions benefit the enterprises that adopt them. More and more enterprise infrastructure is migrating to the cloud; if you are still behind in adopting cloud the right way, you will certainly spend a lot of resources doing things the old-fashioned way. Cloud is not just about being hosted in the cloud; it is also about automation, and about a "cloud" system that goes beyond the traditional and is capable of concurrently scanning, say, 100k IP nodes at the same time. Just imagine how much time you would need to perform an assessment of 100k IPs if you did not scan the cloud way. It saves the enterprise a great deal of time and money and, more importantly, it provides speed that the traditional way cannot match. Scalability is another area: there is no need to size up hardware, and the user always pays for usage through a subscription model, so no capital expenditure is involved. Much of the time we see people who have developed misperceptions, or who were perhaps previously engaged by non-professionals who failed to educate them correctly, and who have therefore missed the opportunity to align the company's resources for rapid business and technology transformation.

Container security. It is now a must for certain industries, for example if your core business is streaming video or data to a mass market. Traditional vulnerability management fails here because it cannot cope with the speed and massive volume of streaming data; this is why "container security" has come of age as the world evolves and requires new forms of technology.

DevSecOps. As the world moves toward cloud, online and speed, it has adopted DevSecOps as the way to stay forward-looking and relevant. The traditional way of separate processes, each waiting for the previous stage to complete before moving to the next, is yesterday's practice. Business today demands the application now and demands that it be secured immediately, which calls for automation, integration and an instant end-to-end process. Traditional vendors that focus only on dynamic application security testing (DAST) will find themselves outside that demand, because the requirement now is to provide static application security testing (SAST) as well. Technology vendors who can provide both, and can integrate and automate the whole process and workflow, will continue to be relevant and needed in the future to come. Otherwise, you will need to lower your product pricing, because you bring less value to the enterprise user's use case and business requirements.

Unified security, from infrastructure security to application security. Traditionally we saw players divided by area, say application security or enterprise vulnerability management. As the market demands speed, we see application security players offering generic host vulnerability scanning, and likewise infrastructure security vendors offering application security or niche technology in their product suite portfolios (whether by acquiring another company or by building the technology in-house).

Vulnerability correlation (VC) in a more holistic and broader sense, so that the data and intelligence can be leveraged by other departments and key result areas (KRAs). For example: fitting into a Governance, Risk and Compliance (GRC) solution; coexisting with Security Information and Event Management (SIEM) and security operations; or providing vulnerability data to network and application security protection systems to temporarily "seal" a vulnerability and buy time for the developers to fix their systems. The opportunities and use cases for leveraging this information to benefit related systems are limitless.

Vulnerability validation and exploitation testing, or manual penetration testing. We expect vulnerability management players either to provide third-party support or to integrate vulnerability assessment and pen-testing into a single product suite. This is also a very appealing area in which we look forward to significant development. Surprisingly, in case you are not aware, there are only a few main players in pen-testing, but a lot of VM players. We have also seen the recent development of pen-testing vendors offering VM as a response to the market changes.

E-SPIN Group has been actively involved in the vulnerability management and penetration testing (VMPT) business since 2005. We work with various VM and PT supplier vendors and offer their products as part of solutions that work for the enterprise market we serve across the countries in which we do business. Feel free to contact our solution consultants regarding business and partner requirements and opportunities.
