C3M, a leader in Cloud Security Posture Management (CSPM) and Cloud Identity and Entitlement Management (CIEM) has continued its technological innovation with the launch of Risk Scoring – its unique framework designed to help identify, contextualize and prioritize alerts allowing cloud infrastructures to be better protected from ransomware and other cloud-based security risks.
Enterprise migration to cloud using multiple third-party vendor solutions has resulted in an exponential rise in alerts. Security teams are overwhelmed with the volume and alert fatigue. C3M’s Risk Scoring Framework addresses key enterprise challenges of false positives, inability to prioritize alerts and lack of visibility into alert impact.
C3M’s Risk Scoring is a customized, deep mesh in the cloud that follows the Common Vulnerability Scoring System framework using C3M’s proprietary policy risk score framework. From analyzing misconfigurations, to reporting on risks from connected resources, C3M Risk Score comprehensively assesses alerts and delivers a risk score based on three factors:
- CVSS 3.1 Framework
- Risk Impact Factors
- Alert Severity
Also Read: Three Things CISOs Want Everyone to Know
Resulting risk scores are rated between 1 and 10 attributing four levels of Minor, Moderate, Major and Severe. Security teams immediately identify and resolve the most critical, high-risk threats to the Enterprise.
“Security teams face a flood of alerts from various cloud security solutions, making it impossible to prioritize vulnerabilities. With up to 75% of alerts being false positives, time is lost triaging, leading to alert fatigue and alerts being ignored. A perfect scenario for sophisticated attacks on the Enterprise and digital supply chains,” said Paddy Viswanathan, CEO, C3M. “C3M’s Risk Scoring protects cloud infrastructures from attacks.
Enterprises conclusively and comprehensively identify and prioritize vulnerabilities based on risk and impact. Risk Scoring is the natural evolution of cloud security and is a unique technical innovation from C3M.”
Risk Scoring is part of the default CSPM package from C3M. It is offered in addition to out of the box controls in the C3M Cloud Control platform that checks for known attack paths in the cloud, including ransomware.
For more such updates follow us on Google News ITsecuritywire News.