Orro has launched its Continuous Threat Exposure Management (CTEM) managed service.
The company said the managed service addresses critical pain points in vulnerability management by focusing on risks and threats, rather than just theoretical vulnerabilities.
Orro said its CTEM uses an AI-powered platform to unify data from over one hundred security tools, after which it applies business context. The company claims this allows security teams to identify which handful of exposures out of thousands threatens operational continuity and therefore require immediate focus.
“Australian security teams are working harder than ever, but many still can’t answer basic questions their boards are asking, including ‘are we safer than last quarter?’ and ‘what are our most critical exposures?’” said Orro’s chief executive, Daniel Greengarten.
“This is why we’ve launched our CTEM service as it represents a fundamental shift from asking ‘what’s broken?’ to asking ‘what actually threatens our business?’ For organisations drowning in vulnerability data but starving for clarity, this changes everything.”
Orro’s CTEM is built on the Rapid7 Command platform and is managed by Orro’s National Cyber Defence Centre. The company claims the managed service provides a systematic, evidence-based approach to risk management to satisfy both board and regulatory requirements.
“We see this challenge every day with a lot of Australian businesses where security teams are receiving thousands of high and critical vulnerabilities demanding immediate attention,” said Manuel Salazar, Orro’s director of cyber services.
“Traditional vulnerability management says to patch everything, but that’s operationally impossible,” he continued.
“CTEM provides the context that’s been missing. Instead of just CVSS scores, we factor in where the asset sits, its importance to the business, whether attack paths are exploitable, and if existing controls are working. This approach ensures that a CVSS 9.8 vulnerability on an isolated test server is appropriately deprioritised, while a CVSS 6.5 vulnerability on [an] internet-facing customer portal, which is critical to business operations, moves to the top.”
_(30).jpg&h=142&w=230&c=1&s=1)
_(25).jpg&h=142&w=230&c=1&s=1)
.jpg&w=100&c=1&s=0){kind=logo}
