Vulnerability maps display connections to vulnerabilities between and within applications, enabling security teams to see which of the workloads’ vulnerabilities are highly exposed. In addition, vulnerability maps display an attacker’s potential lateral pathways.
Vulnerability management solutions use vulnerability scores, which are typically the combined Common Vulnerability Scoring System (CVSS) scores of the vulnerabilities found in a workload. Vulnerability scores, while valuable, do not take into account a workload’s connectivity relative to other workloads in an environment.
The Illumio Adaptive Security Platform® (ASP) uses the open industry-standard, community-accepted CVSS, which can be scored by an enterprise, and combines this with information on how many workloads can potentially connect with the vulnerable workload—the actual "reachability" of the vulnerable workload—to calculate a Vulnerability Exposure Score. IT operations and security teams use this information to prioritize patching and implement micro-segmentation as a compensating control if the time is not right to patch the application.
Illumio ASP also allows you to model micro-segmentation as a compensating control in test mode. In this mode, traffic is not blocked, but an alert is raised if it does not conform to policy. If traffic connects to a port with a known vulnerability, the vulnerability and its severity are included in the traffic alert, informing the security operations center (SOC) both of the traffic violation and that the traffic is connecting to a port with a known vulnerability.
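The sketch below is an added example, not Illumio's code or formula. It ranks findings by CVSS combined with the number of workloads allowed to reach the vulnerable port, then re-ranks after a modeled segmentation rule. The workload names, flows, vulnerability ids and the square-root weighting are all constructed assumptions.

```python
import math
from collections import defaultdict

# Constructed sample data (not from the page): allowed flows and scanner findings.
ALLOWED_FLOWS = [  # (source workload, destination workload, destination port)
    ("web1", "app1", 8080), ("web2", "app1", 8080),
    ("jump1", "app1", 8080), ("app1", "db1", 5432),
    ("jump1", "db1", 22),
]
FINDINGS = [  # (workload, port, placeholder vulnerability id, CVSS base score)
    ("app1", 8080, "VULN-A", 7.5),
    ("db1", 5432, "VULN-B", 9.8),
    ("db1", 3306, "VULN-C", 9.8),
]

def reachability(flows):
    """Map (workload, port) -> set of distinct workloads allowed to connect."""
    peers = defaultdict(set)
    for src, dst, port in flows:
        if src != dst:
            peers[(dst, port)].add(src)
    return peers

def exposure(cvss, n_peers):
    """Hypothetical weighting: CVSS scaled by sqrt(inbound peer count).
    Zero peers means the vulnerable port is unreachable, so exposure is 0."""
    return round(cvss * math.sqrt(n_peers), 2)

def rank(findings, flows):
    """Return (workload, port, id, cvss, peers, exposure) rows, most exposed first."""
    peers = reachability(flows)
    rows = []
    for wl, port, vid, cvss in findings:
        n = len(peers[(wl, port)])
        rows.append((wl, port, vid, cvss, n, exposure(cvss, n)))
    return sorted(rows, key=lambda r: r[5], reverse=True)

def segment(flows, dst, port, keep):
    """Model a segmentation rule: only sources in `keep` may reach dst:port."""
    return [f for f in flows if (f[1], f[2]) != (dst, port) or f[0] in keep]

if __name__ == "__main__":
    for title, flows in (("current policy", ALLOWED_FLOWS),
                         ("app1:8080 limited to web1",
                          segment(ALLOWED_FLOWS, "app1", 8080, {"web1"}))):
        print(title)
        for row in rank(FINDINGS, flows):
            print("  ", row)
```

With the sample data, the CVSS 7.5 finding outranks both 9.8 findings until the modeled rule cuts its inbound peers from three to one, and the 9.8 finding on a port nothing can reach scores zero throughout.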