Profile

The company pioneers breakthroughs in healthcare. With more than 50,000 employees across more than 70 countries, it offers an impressive portfolio of products and services, including medical imaging, laboratory diagnostics, point-of-care testing, healthcare IT, digital solutions, and automation, including clinical specialties.

Challenge

Siloed approach to patching vulnerabilities leading to poor visibility into risk

The company’s IT team took small steps to patch endpoints and servers using siloed tools such MS Update Manager, Ivanti Patch Manager & MS WSUS. They used Qualys Agent & Vurious (client’s own scanning tool) for vulnerability scanning and prioritization. This was a risk-averse approach, and the outcomes did not meet expectations. The team was cutting corners due to the legacy approach to patch management, resulting in a surge of vulnerabilities.

The paradox of this approach to patch management is that although the existing tools detected the vulnerabilities, they could not patch them in their entirety and did not have the speed to fix them within a stipulated time frame. They were also not able to get clarity on their software inventory, especially license optimization.

With more than 8000 devices running on Windows and Linux, the tools could not roll back patches in case of failure, had unfriendly dashboards, could not patch third-party applications, and couldn't reboot themselves. Moreover, the licenses were costly.

Patching and tracking system updates to mitigate risks became daunting tasks. These circumstances made the team decide to break the continuity of the existing patch management processes for better upkeep of their technology infrastructure.

Solution

Saner CVEM

To automate the patch management process across operating systems & third-party applications

Saner CVEM’s patch management module ensured a centralized perspective to enable better focus and insight into patch management. The shift to Saner CVEM granted the team the profound power to manage patches and the foresight to tackle any emerging vulnerabilities.

The platform helped identify and focus on the patching gaps across third-party applications running on Windows and Linux. Saner CVEM’s patch management module was integrated into its existing vulnerability scanning, detection, and prioritization tools to accomplish its risk reduction goals. The asset inventory module tracked IT assets and software licenses to help with asset use, cost control, and license optimization.

Saner CVEM for risk reduction

Saner CVEM, with its comprehensive coverage and patching of vulnerabilities helped the IT team to advance and accelerate their vulnerability management program.

1. Asset Exposure module

To provide detail and context to the catalog of endpoint assets

Ensured continuous visibility and control over IT infrastructure, enabling better control over IT assets. They were able to discover rarely used and outdated applications, track software licenses, and continuously evaluate the use of assets. Know more about AE module.

2. Vulnerability Management

To holistically scan and detect vulnerabilities

Comprehensive, proactive, continuous scans across every endpoint and server, assessed the status of vulnerabilities, the level of risk tolerance, the level of threat represented by each exposure, and vulnerabilities that need immediate fixes. Know more about VM module

3. Patch Management

To speed up patch deployment and remediate risks

Automated end-to-end patch management from scanning, prioritization, download, and testing to scheduled deployment ensured faster deployment cycles across every deployed device, eliminating manual interventions. Know more about PM module.

Saner CVEM patching cycle to speed up remediation

Client’s View

Before Saner CVEM, patching and vulnerability management consumed a significant portion of our team’s time and attention. Today, those processes run seamlessly in the background. The platform has brought consistency, confidence, and clarity to how we manage risk across our environment. With reliable automation and visibility into vulnerabilities, our team is no longer stuck reacting, we’re able to work proactively on strategic security initiatives. Saner CVEM is helping us strengthen our security posture without increasing operational overhead.

- IT Team

Outcomes

• Patch endpoints at speed and scale and gain clarity on patch compliance status

• Create reports on the patching status of the network

• Experienced in comprehensive visibility of endpoints and license management

• Reduced vulnerabilities by 90% across 18000 devices