NopSec Increases Automation to Make Remediation Up to 3X Faster

Unified VRM Now Offers Security and Operations Teams Advanced Task and Workflow Automation and Expanded Ecosystem of Technology Integrations

NEW YORK, NY--(Marketwired - Oct 1, 2015) - NopSec, a provider of vulnerability risk management and remediation solutions, today announced the latest version of its Unified VRM platform to help security professionals rapidly reduce remediation time through enhanced workflow automation and risk reporting.

"Information security professionals build in multiple layers and follow numerous roadmaps and standards to defend their digital borders, yet organizations still get hacked," noted Arnold Felberbaum, strategic advisor to NopSec, former CISO, and adjunct professor in Information Security at NYU Polytechnic School of Engineering. "Organizations cannot rely on compliance requirements and frameworks to avoid the dreaded data breach -- rapid remediation is key."

Organizations need to rethink their approach to vulnerability risk management, especially as it pertains to the remediation of security vulnerabilities. According to the 2015 Verizon Data Breach Investigations Report, 99.9 percent of vulnerabilities were exploited over a year after they were disclosed. NopSec customers rely on the Unified VRM SaaS platform to quickly prioritize the vulnerabilities that present the most risk and fix them before they are exploited. In less than one year, NopSec customers cut their average time to remediation from 190 to under 60 days -- resolving potential issues 3X faster.

Advancing Automation
Unified VRM delivers the most advanced automation capabilities for vulnerability management and risk remediation. Comprehensive task management and workflow automation updates allow users to automatically assign ownership for vulnerability tickets based on asset tags. In addition, the platform powers improved collaboration and best practice sharing among remediation teams via a remediation-aiding search engine and crowd-sourced remediation advice tool.

The platform now integrates with Microsoft's Systems Center Configuration Manager (SCCM) to further automate the patch management process for Windows vulnerabilities. In addition, automated executive-level reports on scanning and remediation trends help CISOs zero in on and prioritize top threats to accelerate the remediation process. Making security data easier to digest is critical; organizations need ready access to a comprehensive, visual report that includes scanning information and remediation patterns.

With the new capabilities, NopSec now provides security professionals a better way to properly assess security program effectiveness. "The security industry is in a 'breachmaggedon' of sorts; success simply can't be measured by the number of patches we apply or tickets we close," noted Felberbaum. "Instead, we need to be looking at how much risk we are removing from our environment -- and how quickly." 

Expanding the Ecosystem
NopSec continues to grow its technology network, adding important integrations in the latest version of Unified VRM. The platform now integrates directly with ServiceNow and Jira for automatic, bi-directional ticket and task management -- supporting significant collaboration and productivity enhancements across security and IT teams. Improvements to the Qualys integration now allows for automatic imports of asset tags that provide richer context and enable better prioritization of vulnerabilities.

"Organizations must close the window between vulnerability detection and remediation. Today, it takes organizations over 100 days on average to remediate a security vulnerability," adds NopSec CEO, Lisa Xu. "Our Unified VRM platform is designed to give security and IT teams the tools they need to improve how they manage vulnerability risks and avoid costly data breaches by drastically reducing the time to remediation."

For more information, visit

NopSec provides precision threat prediction and remediation workflow solutions to help businesses protect their IT environments from security breaches. The company's flagship product, Unified VRM, is based on a flexible SaaS architecture that provides intelligent context to vulnerability data, enabling security teams to visually forecast threat risk to dramatically reduce the turnaround time between identification and remediation of critical security vulnerabilities across infrastructure and applications. NopSec has been recognized as one of the 20 Most Promising Enterprise Security Companies of 2015 by CIO Review and named to CRN's list of Emerging Security Vendors for four consecutive years. NopSec is based in New York, NY. For more information, please visit

Contact Information:

Media Contact:
Kim Pegnato
PR for NopSec