Back

NetSPI Adds Risk Scoring to its Penetration Testing and Vulnerability Management Platform

As a part of a risk-based vulnerability management program, organizations can leverage NetSPI’s risk scoring for industry benchmarking, prioritization of security activities, and more.

Minneapolis, Minnesota  –  NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the addition of risk scoring to its ResolveTM penetration testing and vulnerability management platform. In conjunction with Penetration Testing as a Service (PTaaS), NetSPI’s risk scoring intelligence helps its clients prioritize, manage, and remediate the vulnerabilities that present the greatest risk to their business. 

NetSPI’s new risk scoring capabilities dynamically integrate into PTaaS to provide both a granular vulnerability risk score as well as an aggregate risk score for an organization and its projects, assets, applications, and networks. Risk scoring is only available to NetSPI clients that leverage its penetration testing services.

The risk scores serve as a quantitative metric for risk reduction over time, cybersecurity spend validation, resource allocation, and industry benchmarking. NetSPI’s risk score enables organizations to incorporate business context and the respective threat landscape to accurately prioritize remediation of vulnerabilities.

“There are varying approaches to assigning vulnerability severity, but risk today extends far beyond individual vulnerabilities,” said Jake Reynolds, Head of Product at NetSPI. “The key is to recognize the risks most likely to disrupt the business, identify the threats that would increase those risks, and prioritize the most appropriate mitigations to protect your organization from those threats. NetSPI’s risk scoring does just that.”

According to Gartner[i], organizations with a risk-based vulnerability management program are expected to experience 80% fewer breaches.

“Reactive cybersecurity is a thing of the past. Security leaders must get proactive and take a risk-based approach to stay ahead of today’s adversaries,” said NetSPI President and CEO Aaron Shilts. “Our risk scores enable NetSPI clients to make proactive security decisions based on their unique risk factors. In other words, it allows them to confidently allocate budget and resources to the vulnerabilities that matter most.”

Learn more about PTaaS online here or contact us for a demo of NetSPI’s penetration testing and vulnerability management platform, Resolve™.


[i] Gartner, 2019 – Forecast Analysis: Risk-Based Vulnerability Management, Worldwide (Gardner, Dale)

About NetSPI

NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world’s five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures. Follow us on FacebookTwitter, and LinkedIn.

Media Contact:
Tori Norris, NetSPI
victoria.norris@netspi.com
(630) 258-0277

Discover how the NetSPI BAS solution helps organizations validate the efficacy of existing security controls and understand their Security Posture and Readiness.

X