Lineas Enables Effective Risk-Based Vulnerability Management (RBVM) with VulnDB
July 22, 2021 • RBS
As Europe’s largest private rail freight operator, it is critical for Lineas to maintain secure and available systems. Any interruption of operations could have a severe supply-chain impact on the partners that depend upon them. It is Christophe Rome’s mission, as Chief Information Security Officer at Lineas, to put in place an effective security program that mitigates the likelihood and impact of any such incidents.
As Lineas sought to optimize their cyber risk posture and response capabilities, Christophe faced a real challenge. He would need to create and improve governance, and implement enhanced monitoring, reporting and processing of the vulnerabilities affecting their systems. They needed a solution that in Christophe’s words, was more than “checkbox security”.
Lineas Enables Effective Risk-Based Vulnerability Management (RBVM)
“VulnDB has solved many challenges. For me, our vulnerability intelligence and vulnerability management processes are taken care of. Now it’s on to the next challenge.“
Christophe Rome, CISO at Lineas
With cyber resilience in mind, Christophe considered his limited resources, and recognized that his team would have to know where to prioritize their efforts in order to operate optimally. To achieve this, Lineas would need comprehensive and asset-centric vulnerability intelligence that could enable truly risk-based vulnerability management (RBVM).
VulnDB’s extensive research was the essential component that enabled Lineas to identify risk in a more comprehensive manner by quickly prioritizing and remediating vulnerabilities for better outcomes. Independently researched, VulnDB captures more than 258,000 vulnerabilities. Of those vulnerabilities, over 83,000 cannot be found in CVE and NVD, giving Christophe’s team a much more complete picture than organizations that rely on the public source.
The vulnerability entries in VulnDB contain detailed source information, extensive references, links to Proof of Concept code, solutions, and other valuable metadata. Combined with proprietary VTEM metrics and historical vulnerability data, VulnDB is Lineas’ single source of truth.
“For any vulnerability out there, or vulnerabilities that are being published, VulnDB is our ultimate source. That was the most important part for me – that this is the single source of truth. We don’t have unlimited time and resources; when we go to VulnDB we know that nothing else can be added to it. Let’s put it this way, if VulnDB doesn’t know it, nobody else does.”
VulnDB is Lineas’ long-term solution for vulnerability intelligence and RBVM challenges. With comprehensive, detailed and timely vulnerability data, Lineas can be confident that they are making effective risk-based security decisions.