PlexTrac Introduces Proactive Risk Quantification With New Priorities Module

Industry’s first configurable contextual scoring engine allows service providers and enterprises to prioritize risk from a range of offensive security data sources

Boise, ID, February 20, 2024 (Newswire.com) — PlexTrac, the leading provider of SaaS-based pentest reporting and offensive security risk management solutions, today announced the launch of its Priorities Module, featuring the industry’s first fully configurable contextual scoring engine. This innovative addition to the PlexTrac platform empowers security service providers and enterprises to proactively leverage offensive security data, prioritize risks, and drive continuous risk reduction through streamlined workflows and advanced analytics.

“Most organizations find that complete vulnerability remediation is quite improbable. This is due to a variety of reasons, such as limited resources, lack of comprehensive prioritization or impractical patching. Hence, it is imperative to discern the critical from the noncritical vulnerabilities. SRM [Security & Risk Management] leaders must make pragmatic decisions to make VM [Vulnerability Management] more manageable. A key principle should prioritize vulnerabilities actively exploited in the wild and the potential business impact of their exposure.” — Jonathan Nunez,  Sr. Director Analyst, Security Operations at Gartner® in The Top 5 Elements of Effective Vulnerability Management, validated January 9, 2024 (Originally published September 23, 2022).

Immediately available as part of the PlexTrac platform, Priorities enables security teams to track and identify underlying issues within pentest and offensive security data, utilize the industry’s first configurable context-based scoring engine to prioritize risk, and track remediation progress of high-impact issues to close the loop on continuous validation. Unlike other solutions that offer limited customization, PlexTrac provides unparalleled visibility into risk factors, enabling teams to make informed decisions and prioritize remediation efforts effectively.

“PlexTrac’s new risk-based prioritization capabilities will help us shift from point-in-time testing to more continual engagements — enabling us to provide deeper value to each client by customizing a contextual risk scoring equation that clearly communicates their highest impact risks on an ongoing basis,” said Dahvid Schloss, Director of Offensive Security, Echelon Risk + Cyber. “This will demonstrate the value of the work we’re doing and allow our clients to dynamically consume their data and trending risk scores from within PlexTrac.”

The Priorities Module is built to accommodate, measure, and prioritize risk from various sources, including PTaaS and attack simulation tools, as well as manual testing efforts. PlexTrac’s implementation of contextual scoring ensures transparency and clarity, eliminating black box scoring and providing comprehensive insights into risk factors.

Key features of the PlexTrac Priorities Module include:

• Contextual Risk Awareness: Drives automated, contextual risk awareness tailored to organizations’ unique risk tolerances, facilitating a deeper understanding of the impact on the organization.
• Automated Workflow Support: Enables automation and efficiency across the end-to-end offensive security lifecycle, from assessment to remediation.
• Aggregated Data Management: Consolidates offensive security data from various sources, including PTaaS and BAS tools, providing real-time visibility, analytics, and visualizations.
• Trend Identification: Identifies problematic trends within offensive security data to resolve underlying issues and prevent future risk recurrence.
• Continuous Risk Reduction: Demonstrates a continuous reduction in risk through continuous validation, proving the effectiveness of remediation efforts.

“PlexTrac’s Priorities Module is a game-changer for service providers and enterprises seeking to quantify and take action on highest severity risks as part of a comprehensive exposure management strategy,” said Dan DeCloss, CTO, PlexTrac.  “By enabling customers to contextually prioritize risks, measure progress, and demonstrate that they’ve fixed what they’ve found, PlexTrac is uniquely positioned to help customers conquer the last mile of continuous validation.”

PlexTrac Author At PlexTrac, we bring together insights from a diverse range of voices. Our blog features contributions from industry experts, ethical hackers, CTOs, influencers, and PlexTrac team members—all sharing valuable perspectives on cybersecurity, pentesting, and risk management.