Home News C3M Risk Scoring Solves Enterprise Struggle of Alert Fatigue
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

C3M Risk Scoring Solves Enterprise Struggle of Alert Fatigue

by wrich


Industry-first framework quantifies high risk, high impact threats in the cloud for enhanced security team efficacy

7th July 2021, San Francisco, CA – C3M, a leader in Cloud Security Posture Management (CSPM) and Cloud Identity and Entitlement Management (CIEM) has continued its technological innovation with the launch of Risk Scoring – its unique framework designed to help identify, contextualise and prioritise alerts allowing cloud infrastructures to be better protected from ransomware and other cloud-based security risks.

Enterprise migration to the cloud using multiple third-party vendor solutions has resulted in an exponential rise in alert threats. With security teams overwhelmed with the sheer volume and alert fatigue a growing concern to the security of the organisation, C3M’s Risk Scoring Framework addresses the key enterprise challenges of false positives, inability to prioritise alerts and lack of visibility into alert impact.

C3M’s Risk Scoring is a customised, deep mesh in the cloud that follows the CVSS (Common Vulnerability Scoring System) framework and C3M’s own proprietary policy risk score framework. Analysing misconfigurations, in addition, to reporting on risks from connected or associated resources, C3M Risk Score comprehensively assesses every alert and delivers a risk score based on three factors:

• CVSS 3.1 Framework – using Exploitability, Impact and Scope criteria
• Risk Impact Factors – C3M intelligence with points based on attributes and risk factors of a resource with enterprises able to modify and adjust
• Alert Severity – based on the severity of a policy defined in C3M

The resultant risk score is rated between 1 and 10 and has four levels of Minor, Moderate, Major and Severe allowing security teams to immediately identify and resolve the most critical, high-risk threats that the enterprise is exposed to.

“Security teams face a flood of alerts from various cloud security solutions, with up to 100,000 in some organisations, where it is almost impossible to prioritise vulnerabilities. With up to 75% of alerts being false positives, much time is lost triaging leading to alert fatigue and worryingly, alerts being ignored. This is a perfect scenario for sophisticated attacks on the enterprise and digital supply chains,” said Paddy Viswanathan, CEO and Founder, C3M. “C3M’s Risk Scoring protects cloud infrastructures from attacks. For the first time, it enables enterprises to conclusively and comprehensively identify and prioritise vulnerabilities based on risk and impact, regardless of the amount of alerts they receive and alleviate alert fatigue. Risk Scoring is the natural evolution of cloud security and is yet another unique technical innovation from C3M to help build trust for enterprises’ in their cloud security operations.”

Risk Scoring is part of the default CSPM package from C3M and will be available as a free update to existing customers. It is offered in addition to the out of the box controls as standard in the C3M Cloud Control platform which checks for known attack paths in the cloud, including ransomware and many others.

About C3M
C3M, LLC is a San Francisco headquartered Cloud Security solutions provider. C3M’s Cloud Control is a 100% Agent-less, API based, cloud-native security solution that offers organisations complete cloud control through automated security intelligence, giving them actionable insights into the cloud, its security, and infrastructure, while also auto-remediating any security violations it detects. C3M Access Control helps enterprises gain complete control over identities and infrastructure entitlements, and right size identity privileges.


You may also like