Try our new research platform with insights from 80,000+ expert users

Vulnerability Management and Risk Management Integration

Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?

Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian Pereira
Information Security Manager at a retailer with 10,001+ employees
  • 3
  • 13
FollowingFollow
Share
PeerSpot user
Buyer's Guide
IT Vendor Risk Management
February 2026
Get the category report
Helped 884,696 peers since 2012

2 Answers

Last answered Nov 6, 2021
JD
James Dirksen
Chief Executive Officer at a tech vendor with 1-10 employees
User
Feb 5, 2021

Yes, take a look at DeepSurface. It’s designed to automate the process. 

Like(2)
Reply
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian Pereira
Information Security Manager at a retailer with 10,001+ employees
Real User
Top 5
Feb 8, 2021

@James Dirksen thanks, i'll check it.

PeerSpot user
Product comparison that may be of interest to you
RSA Archer
  • 42 Reviews
Tenable Security Center
  • 56 Reviews
SG
Stewart Gwyn
Works
User
Nov 6, 2021

Clear use with the NIST compliance framework, Archer IRM 6.9.sp3.p2, use of pre-processing out of Archer and now integration with agnostic tools. 


FOSS or premium brands - all depends on your supply chain risk. 


Support for qualitative nice to get a bow-tie on when quantitative data works for you. Add your methods, AWARE, FAIR, COBIT, ATT&CK; all visuals.

Like(1)
Reply
Buyer's Guide
IT Vendor Risk Management
February 2026
Download Free Report
Find out what your peers are saying about Wiz, Tenable, Qualys and others in Vulnerability Management. Updated: February 2026.
DOWNLOAD NOW
884,696 professionals have used our research since 2012.
IT Vendor Risk Management
IT Vendor Risk Management helps organizations manage and minimize risks associated with third-party vendors, ensuring business continuity and compliance. This involves assessing vendor reliability, security practices, and performance metrics. Effective techniques are critical in reducing vendor-related risks that can impact an enterprise's operational effectiveness. Organizations incorporate these solutions to streamline risk assessments, oversee compliance, and automate risk evaluation...
Download IT Vendor Risk Management ReportRead more

Related categories

Vulnerability Management
IT Vendor Risk Management

Related Q&As

Jan 2, 2025
What are the main differences between RSA Archer, MetricStream and IBM OpenPages?
Sep 11, 2023
What are the differences between Tenable.sc and Tenable.io?