Try our new research platform with insights from 80,000+ expert users

Vulnerability Management and Risk Management Integration

Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?

Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian Pereira
Information Security Manager at a retailer with 10,001+ employees
  • 3
  • 6
FollowingFollow
Share
PeerSpot user
Buyer's Guide
IT Vendor Risk Management
January 2026
Get the category report
Helped 881,082 peers since 2012

2 Answers

Last answered Nov 6, 2021
JD
James Dirksen
Chief Executive Officer at a tech vendor with 1-10 employees
User
Feb 5, 2021

Yes, take a look at DeepSurface. It’s designed to automate the process. 

Like(2)
Reply
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian Pereira
Information Security Manager at a retailer with 10,001+ employees
Real User
Top 5
Feb 8, 2021

@James Dirksen thanks, i'll check it.

PeerSpot user
Product comparison that may be of interest to you
RSA Archer
  • 42 Reviews
Tenable Security Center
  • 56 Reviews
SG
Stewart Gwyn
Works
User
Nov 6, 2021

Clear use with the NIST compliance framework, Archer IRM 6.9.sp3.p2, use of pre-processing out of Archer and now integration with agnostic tools. 


FOSS or premium brands - all depends on your supply chain risk. 


Support for qualitative nice to get a bow-tie on when quantitative data works for you. Add your methods, AWARE, FAIR, COBIT, ATT&CK; all visuals.

Like(1)
Reply
Buyer's Guide
IT Vendor Risk Management
January 2026
Download Free Report
Find out what your peers are saying about Wiz, Tenable, Qualys and others in Vulnerability Management. Updated: January 2026.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
IT Vendor Risk Management
IT Vendor Risk Management is essential for organizations to assess and mitigate potential risks associated with third-party vendors. It ensures compliance, security, and performance standards are maintained, protecting against potential threats from vendor relationships.IT Vendor Risk Management involves processes and tools that help organizations evaluate third-party vendors to maintain robust risk management strategies. This category helps identify and monitor potential vulnerabilities and...
Download IT Vendor Risk Management ReportRead more

Related categories

Vulnerability Management
IT Vendor Risk Management

Related Q&As

Jan 2, 2025
What are the main differences between RSA Archer, MetricStream and IBM OpenPages?
Sep 11, 2023
What are the differences between Tenable.sc and Tenable.io?