Overview
  • 30 Apr 2023

Every organization has to deal with an ever-growing number of vulnerabilities while, at the same time, working with multiple tools that cover different aspects of the security ecosystem, whether that be cloud, code analysis, etc.

Each of these tools approaches the vulnerabilities from a different perspective, with different scoring, for example severity as opposed to importance, and different formatting depending on the area of the security stack that the tool covers.

In addition, while security teams are tasked with finding the vulnerabilities, in most cases, it is the IT, DevOps or R&D teams that are required to fix them.

Seemplicity automates the vulnerability process. We collect the Findings from the different tools, normalize and aggregate them, and present them in a single place in a uniform format.

This enables you to create remediation workflows that can create backlogs for the teams that need to fix these Findings. In addition, Seemplicity connects to your ticketing systems, enabling you to create and manage tickets for the relevant teams, thereby putting the problem in front of the people who can actually fix the Findings.

Lastly, Seemplicity uses SLAs and dashboards to help you track the efficacy of your remediation workflows throughout the different parts of your organization.


Centralize

Seemplicity interfaces with all of your tools to collect all of the Findings in your environment. The Findings are presented in a single pane of glass, collected from your Data Sources, normalized, aggregated, and de-duplicated.
The information is presented as a holistic perspective of your organization, whether it be your AWS accounts, code repos, endpoints, and so on.

Data Sources

Every organization has a large number of security tools they use that provide insights about various categories of vulnerabilities in the organization (VMs, cloud misconfigurations, etc.). Seemplicity collects the Findings from all of these different tools in your organization through integrations, called Data Sources.

Findings

Findings are the issues that are ingested from your Data Sources. Each Finding is ingested with its own set of fields and data. After the Findings are ingested, they are normalized, de-duplicated, and aggregated.

Normalization

Normalization is the process of taking Findings from the different Data Sources and recalibrating them so the information is presented in a uniform manner. Seemplicity takes the different definitions from your tools and normalizes them so they are presented and formatted consistently throughout. The information is presented in Seemplicity dashboards so you can understand how the entire organization is performing.

De-duplication and Aggregation

Seemplicity is able to identify duplicate items that are ingested from the multiple Data Sources you are using and combine them into a single item. Furthermore, Seemplicity processes multiple Findings with the same solution and aggregates them into one solution.


Prioritization

Once the normalization, aggregation, and de-duplication processes are complete and a more efficient list has been created, you can prioritize these items based on your criteria. For example, you might want to prioritize based on the resource on which the Finding is located, severity, or more.

Prioritization enables you to determine which of the Findings are most important. This leads to more manageable Remediation Queues that present your various teams with a reasonable task list they can execute.

Operate

Using Scopes and Filters, Seemplicity can help you focus on the Findings that you determine are the most important. In addition, once you have the items you want to focus on, Seemplicity enables you to build automated workflows to get the Findings to the right people. Also, you can interface directly with your ticketing system to open, update, and close tickets for the relevant stakeholders. Using the Remediation Queue, you can also ensure that teams are presented with a realistic workload that increases the likelihood of closing out the items in the queue.

Scopes and Filters

Scopes and Filters are both used to get a more granular look at the Findings in your organization.

Scopes define the resources, or organizational segments, from which you want to retrieve Findings. Reviewing the Findings in your organization through this lens enables you to focus on the most important areas in your organization.


Filters define the characteristics, or parameters, based on which you want to retrieve Findings. Reviewing the Findings in your organization through Filters enables you to focus on sets, or types, of Findings based on their specific traits, as opposed to where in the organization the Findings are generated.

Workflows and Remediation Queue

The Remediation Queue enables you to automate which Findings are the responsibility of which team in the organization. This inherently makes the life of both the security and development teams easier by ensuring that the right people are addressing the issues that they can actually fix. As part of automating the remediation process, Workflows are used to visualize the process the organization implements.


In addition, you can prioritize and limit the Remediation Queues to make sure that:

  • the most crucial Findings are being addressed
  • there is a realistic number of Findings in the queue, which increases the chances the items will be resolved.

Ticketing

Seemplicity interfaces with the ticketing systems that your organization uses so you can create, update, or close your tickets directly from the Seemplicity platform. Within the Remediation workflow, you can determine when tickets should be opened, for which team, on which project. As the relevant Finding is fixed, tickets are updated, and eventually closed.


You can also use the ticketing system to have the security team review tickets with exceptions (rejected, won’t be fixed, etc.) to ensure that nothing critical is missed.

Track

Seemplicity provides you with the tools to track and present your organization’s performance in various areas. You can create Rules to follow SLA compliance, use different dashboards to present various metrics (per Scope, Remediation Queue, and more), and get the insights to make sure that you improve and maintain an efficient security posture.

Rules

Rules are used in Seemplicity to manage various automation processes. For example, you can have rules that will lower the score on a Finding to align with the environment in which the Finding was found, or you can create a rule to determine the proper SLA for a Finding that has been deemed high or critical.


Finding Status

Finding Status rules automatically change the status for Findings that are ingested based on a specific Filter and Scope. This enables you to reduce noise by automating the remediation flow for a set of Findings.

For example, all Findings with a given tag, e.g. Archived, can automatically be given the status Inactive so your security teams won’t waste time on these items.

Also, you can create a rule for Findings of a specific type or title to be changed to an Exception. Within the rule, you can determine for how long the Findings stay as an exception.

Scoring

Scoring rules enable you to apply factors to the Findings in your environment. This is especially important in helping you determine priority. For example, a Finding might be ingested with a score of 10, meaning it is obviously critical. However, if it is found on your development environment, which has no external access, it is not as critical. You can apply a factor of 0.8, automatically bringing the score down to 8. This would also, presumably, change the criticality from Critical to High.
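The normalize, de-duplicate and score-factor steps described above can be sketched as follows. This is an added example, not Seemplicity's code or schema: the tool names, field names, importance-to-score mapping and the use of CVSS v3 severity bands are all assumptions, and the sample findings are constructed.

```python
# Added illustration: tool names, field names and mappings are assumptions,
# not Seemplicity's schema. All sample findings are constructed.
SCANNER_A = [  # hypothetical tool reporting a numeric 0-10 score
    {"vuln": "EXAMPLE-0001", "host": "web-01", "env": "prod", "score": 10.0},
    {"vuln": "EXAMPLE-0001", "host": "build-07", "env": "dev", "score": 10.0},
]
SCANNER_B = [  # hypothetical tool reporting a textual "importance"
    {"id": "EXAMPLE-0001", "asset": "WEB-01", "environment": "prod",
     "importance": "urgent"},
]
IMPORTANCE_TO_SCORE = {"urgent": 10.0, "important": 8.0, "moderate": 5.0, "minor": 2.0}

def severity(score):
    """Map a 0-10 score to a label (CVSS v3 qualitative bands, assumed here)."""
    for floor, label in ((9.0, "Critical"), (7.0, "High"), (4.0, "Medium")):
        if score >= floor:
            return label
    return "Low" if score > 0 else "None"

def normalize(raw, source):
    """Bring one tool-specific record into a single uniform shape."""
    if source == "scanner_a":
        vuln, res, env, score = raw["vuln"], raw["host"], raw["env"], raw["score"]
    elif source == "scanner_b":
        vuln, res, env = raw["id"], raw["asset"], raw["environment"]
        score = IMPORTANCE_TO_SCORE[raw["importance"]]
    else:
        raise ValueError(f"unknown source: {source}")
    return {"vuln": vuln, "resource": res.lower(), "env": env,
            "score": float(score), "sources": {source}}

def deduplicate(findings):
    """Merge records describing the same issue on the same resource."""
    merged = {}
    for f in findings:
        kept = merged.setdefault((f["vuln"], f["resource"]), dict(f, sources=set()))
        kept["score"] = max(kept["score"], f["score"])  # keep the worst score
        kept["sources"] |= f["sources"]                 # remember every reporter
    return list(merged.values())

def apply_scoring_rule(finding, env, factor):
    """Multiply the score by `factor` for findings in `env`, then re-label."""
    score = finding["score"] * factor if finding["env"] == env else finding["score"]
    score = round(score, 1)
    return dict(finding, score=score, severity=severity(score))

def pipeline():
    normalized = ([normalize(r, "scanner_a") for r in SCANNER_A]
                  + [normalize(r, "scanner_b") for r in SCANNER_B])
    return [apply_scoring_rule(f, "dev", 0.8) for f in deduplicate(normalized)]
```

Three raw records collapse to two Findings: the production one stays at 10 (Critical) with both tools recorded as sources, and the development one drops to 8 (High) after the 0.8 factor.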

SLA

SLA rules are used to determine the SLA to apply to a set of Findings. This can then be used to prioritize remediation and track performance.

You can create SLA rules based on the existing Scopes and Filters in your organization, and determine what the desired number of days to remediation should be.

In your dashboards, you can track SLA compliance based on these rules, SLA status, and more.

Dashboards

Dashboards provide you with a high-level view of different aspects of your organization. You can view information for SLA Compliance, including items that are upcoming and past due, or see how the organization is trending with a New vs Closed Findings dashboard.
The Dashboards provide a visual means for you to quickly identify how you are doing in various areas and see which issues across the organization need to be addressed.


