What tools/services do you use for CTEM (continuous threat exposure management)?

Threat & Vulnerability Management Threat Intelligence & Incident Response

812 views3 Comments

Sort by:

CISO in Manufacturinga month ago

We use several CTEM tools, but Ionix is our main platform. It quickly discovers assets, validates findings and ranks risks, helping us prioritize remediation.

VP & CISO in Healthcare and Biotecha month ago

Might not be what you define as CTEM, but we use BitSight for monitoring our external attack surface. It finds assets we might not see with scanners. Qualys has a module called Threat Protect that is good for surfacing what to work on.

CISO in IT Services2 months ago

Our core CTEM solution is Microsoft Defender for Endpoint, specifically the Threat and Vulnerability Management feature known as Exposure Management. It provides continuous visibility, prioritization, and remediation across our environment.

Content you might like

What sorts of failsafe processes/controls, etc, do you rely on to make sure terminated or suspended employees’ access credentials are revoked immediately? Does your org generally rely on direct communications from HR or do you have an HRM or similar system to automate this?

Excluding CVE, what other vulnerability databases/info sources do you use currently? Have you developed any contingency plans to lean on in case the CVE program loses funding?

How do you manage risk with contractors in your supply chain?

Keep hard copies and file paperwork13%

Update spreadsheets to create reports44%

Use a digital supply chain management solution27%

Partner with a third-party vendor11%

Other (comment below)3%

View Results

What are you working on to improve your threat hunting program (whether near- or long-term)?

Are you concerned about network security for your remote workers?

Not concerned at all8%

Slightly concerned49%

Moderately concerned26%

Significantly concerned14%

It’s our top priority1%