Want a hardcopy to share? Download as PDF

EXECUTIVE SUMMARY

THE
CHALLENGE

“Our biggest challenge prior to adopting Nucleus was the sheer volume of manual work and complete lack of automation.”

- Vulnerability Analyst
Like many organizations, the University security team struggled to effectively manage their vulnerability data, leaning heavily on scanners while manually compiling results into a spreadsheet before working to remediate. This process was labor-intensive, taking several hours to compile each scan and format data into a manageable workbook. To compound the issue, the analysts had no easy way to port notes from previous workbooks over to the fresh scan results, often relying on memory alone.

“We knew there had to be a better, more efficient method of compiling data, tracking, and remediating vulnerabilities.”

- Vulnerability Analyst

“There was maybe one other platform that deserved consideration. But, they were so unrealistically expensive, even for an enterprise of our size to pay, it made no sense.” 

EVALUATION
AND
EVOLUTION

Determined to find a tool that could offer effective automation and save precious man-hours, the security team set out on a comprehensive vendor review, compiling a list of 15 solutions across both established and newer-to-market vendors. Across seven months, the team dove deep into the capabilities of each, heavily weighting four key components:

  • Integrations
  • Flexibility
  • Price
  • Customer Service

Integrations. A key tenet to their search, the University was already invested in several scanning and security solutions that they wanted to maintain. They quickly learned many of the prospective vendors offered scanning capabilities of their own, which the University would be forced to adopt instead.

“Nucleus was one of the few solutions we looked at that ‘played well’ with everyone and was not going to force us to use one product over another.”

- Vulnerability Analyst

Flexibility. Another key point for Nucleus: flexibility with assets. The University wanted to leverage data from their entire suite of tools, while having plasticity to shape prioritization based on their unique business context.

“With Nucleus, we were able to adjust risk scores of assets, change criticality of vulnerabilities, and keep notes on our individual assets in a form other than a tag. We needed that.”

- Vulnerability Analyst

Pricing. While functionality was paramount to pricing, the University remained budget conscious. Finding that prices varied wildly from vendor to vendor, they were pleasantly surprised with the transparency and affordability of Nucleus, without sacrificing functionality.

“Being a higher educational institution, budget is always a concern. Nucleus was competitive in its pricing, saving us more on budget than its competitors, while offering more product features that were important to us.”

- Vulnerability Analyst

Customer Service. As a final key component to the evaluation, the University valued collaboration and wanted a partnership to help evolve their vulnerability management program, recognizing that ‘cookie-cutter’ wasn’t going to be the right approach.

“Customer service is a big focus for us, and Nucleus has exceeded our expectations. From the early stages of product demo, they were clear in what their product could and could not do and letting us know what was on their roadmap. Many companies will promise you the world to get you in the door and leave you hanging after. The team at Nucleus continue to this day to follow up to see how things are going and to address any issues.”

- Vulnerability Analyst

SEE WHY CUSTOMERS LOVE WORKING WITH US

Wondering if you should build in-house or work with a vendor like Nucleus?

THE
RESULTS

Nucleus is now the central source of data for “everything” at the enterprise’s security operations, and has expanded in scope and adoption into other business units. By having a complete picture of their assets in one shared platform, developers can better prioritize their work while also giving product managers insight and focus to optimize the security posture of their product.

“We set out to give power to the developers to visualize their data. We really wanted to remove the smoke and mirrors and put the security data directly in their hands without a middleman. Nucleus helped transform everyone into one large team, where everyone feels accountable for security.”

- Manager, Application Security​

Nucleus helped shift the culture by bringing vast sets of data from disparate tools into a central hub and giving users that information across function. Using the Nucleus platform for unified vulnerability management enabled the enterprise to get vital security information out from behind the curtain of the security team and into the hands and desktops of the developer team. Developers now take direct responsibility for security in their area and can act on the information in their lane.

“Nucleus cares and wants to build with you as a customer. I wish I would’ve found them sooner!”

- Manager, Application Security​

Nucleus remains committed to evolving with customers and their needs. To see for yourself, request a 2-week free trial or watch a demo-on-demand.