Isn’t RankedRight just manual triage?

No, while vulnerabilities continue to be prioritised in order of impact to your business - just as if your team had done it manually - their time will now be free to do the work of remediating the vulnerabilities in order of importance, ensuring your business is far better protected. 


Using our triage library, you are able to create, build and save Stored Ranking Profiles (SRP) so that when you enter new vulnerability data, the results are automatically available prioritised the way you want them and assigned to the right person or tool. 


Most importantly, RankedRight learns your environment which means you can prioritise based upon the average time it takes to remediate vulnerabilities and help you become more efficient. 


RankedRight can prioritise vulnerabilities from multiple sources, not just one scanner, and provides the framework for you to create your own unique ways of triaging vulnerabilities.

How does RankedRight compare to other vulnerability prioritisation technologies?

We believe that only your Information Security team can prioritise your company's vulnerabilities in a meaningful way and this is why, unlike other prioritisation technologies, our tool lets you set the rules. This means you can override any standard scoring and rank vulnerabilities on how they will affect your services and devices. 


You'll also gain access to triage library, to which we are continually adding more intelligence sources, datapoints and examples, allowing for greater flexibility when it comes to building a solid prioritisation process.

Does RankedRight work with Tenable.io scans?

Yes, at present we currently support Tenable, Rapid7 and Qualys scans. We are continually expanding our accepted vendors. If there is a vendor that you would like us to support, please let us know and we will get right on it!

Does RankedRight work with ServiceNow?

Yes, you can use our API to connect with any ticketing system. We shall soon be launching pre-built connectors to popular vulnerability management tooling with Jira and ServiceNow being top of the list. If there is a particular tool that you would like us to support, please let us know and we will get right on it.

We've found similar solutions expensive, do you charge per asset?


No, our pricing is fixed at £1,500 + VAT per month, regardless of the number of assets in your organisation.

Can I speak with you to get more information?

Yes, and if you are interested in hearing how you can resell or include RankedRight in your vulnerability management service, please get in touch.

My organisation has different priorities in different business units, can I still use RankedRight?

Yes, users can create an unlimited number of Stored Ranking Profiles (SRP). Either the vulnerability data or SRP can then be assigned to individuals in other business units according to your cyber governance model.

Isn’t RankedRight just manual triage?

No, RankedRight isn’t manual triage. It is a platform that allows you to automate an organizational framework that rank’s your vulnerabilities and ultimately helps protects your assets.
Using our triage library, you are able to create, build and save your Stored Ranking Profile (SRP) so that when you provide new vulnerability data the results are automatically available prioritized the way you want them and assigned to the right person or tool.
Most importantly, RankedRight learns your environment e.g., you can prioritize based upon the average time it takes to remediate vulnerabilities and helping you to derive why that is the case.
RankedRight gives you the ability to prioritize vulnerabilities from multiple sources, not just one scanner, and provides the framework for you to create your own unique ways of triaging vulnerabilities.

My organization has different priorities in different business units, can I still use RankedRight?

Yes, users can create an unlimited number of Stored Ranking Profiles (SRP). Either the vulnerability data or SRP can then be assigned to individuals in other business units according to your cyber governance model.

How does RankedRight compare to other vulnerability prioritization technologies?

We believe that only you can prioritize your vulnerabilities in a meaningful way. With that being said, manual triage isn’t time or cost-effective, RankedRight automates this manual process and provides access to intelligence for you to build your own Stored Ranking Profile (SRP). We are continually adding more intelligence sources, datapoints and examples in our triage library, allowing for greater flexibility when it comes to building a solid prioritization process.

Does RankedRight work with Tenable.io scans?

Yes, at present we currently support Tenable, Rapid7 and Qualys scans. We are continually expanding our accepted vendors. If there is a vendor that you would like us to support, please let us know and we will get right on it!

Does RankedRight work with ServiceNow?

Yes, you can use our API to connect with any ticketing system. We are planning to provide pre-built connectors to popular vulnerability management tooling with Jira and ServiceNow being top of the list. If there is a particular tool that you would like us to support, please let us know and we will get right on it!

Do you have a partner program?

Yes, and if you are interested in hearing how you can resell or include RankedRight in your vulnerability management service, please get in touch.

Frequently Asked Questions

Why Automated Vulnerability Ranking Is a Must for Every Organization?

With the increasing number of vulnerabilities being identified and the mass improvement of vulnerability scanners over the last 5 years, organizations face immense challenges when it comes to remediating vulnerabilities.

In some cases, patching every vulnerability identified by a scanning tool isn’t possible. This is why prioritization is important. There are many ways to do this, and a good proportion of businesses now perform some level of internal vulnerability ranking using manual processes or scripts.

Unfortunately, according to a Ponemon Institute study*, 50% of organizations believe they are at a disadvantage because they use manual processes. In addition, 53% of companies spend more time navigating manual processes than actually responding to vulnerabilities.

It is imperative for businesses to get to remediation faster. 

* [The state of vulnerability management in the cloud & on-premises] August 2020.

Regardless of the size of your vulnerability management program, it can be extremely difficult to manage identified weaknesses efficiently. It is now more important than ever to prioritize truly critical vulnerabilities as they emerge. RankedRight can help orchestrate the prioritization hurdle and accelerate you on your journey to remediation.

Peter Yeo

COO, RankedRight

Setting triage rules with RankedRight's Stored Ranking Profiles

To make full use of RankedRight's automated triage, you simply set prioritisation rules for vulnerabilities.

To do this, choose criteria from our frequently updated triage library and, with the help of our vulnerability intelligence, create a Stored Ranking Profile (SRP) which shows a prioritised view of the risk. You can then set rules indicating how this type of vulnerability should be delegated, by assigning it to different members of your organisation and/or exporting it into the ITSM solution of your choice.

And that's it.

Here's how it looks:

PCI

Compliance Manager

Tag: PCI Zone

Minimum CVSS Score: 4.0

Sort By: Number of Exploits

Quick wins

System Administrator

Tag: All

Minimum CVSS Score: 3.0

Is it Exploitable?: Yes

Is it Patchable?: Yes

Public or Private?: Public

Sort By: Host

Average time to remediate: 24 hours

Mitigation

SOC Analyst

Tag: All

Is it Exploitable?: Yes

Is it Patchable?: No

Sort By: CVSS 3.0 Impact Score

Why RankedRight

Extensive and expansive
filtering process with no hidden algorithms

A budget-friendly fixed price regardless of the environment size

 

Simple to configure
with no power user necessary

API-first approach to maximise integration ability

Machine learning highlights your remediation inefficiencies

Automated delegation feature for collaboration with asset owners

Supercharge the efficiency of your IT security team

and gain greater control over your own vulnerability management.

Try for free

Get started with the triage tool that automatically ranks vulnerabilities based on rules you've set.

Help your team spend less time on vulnerability administration and more time on keeping your company safe

© 2021 RankedRight Ltd

Privacy Policy

Why You Need A Triage Tool

No one understands better how to rank vulnerabilities in order of impact to your business than your own Information Security team. However, this process takes up so much of their time, there's little left for remediation*.

Let RankedRight relieve them of the pains of vulnerability triage so they can get on with what they're truly great at - keeping your company safe.

*53% of companies spend more time navigating manual processes than actually responding to vulnerabilities (Ponemon Institute).

Get started

Our mission is to help every organisation to gain greater control over their own vulnerability management.

Less admin, more action, greater results.

Introducing: the automated triage tool that follows your rules of prioritisation

Upload

your vulnerability scanning data from your preferred source

Assign

your ranked data to different people in your business to tackle

Automate

your vulnerability triage by setting prioritisation rules for RankedRight to follow

Achieve

significant time savings and the resolution of a greater number of critical and high-risk vulnerabilities

significant time savings and the resolution of a greater number of critical and high-risk vulnerabilities

Automate Triage and Get to Remediation Quicker

Since 2017, the rise in known vulnerabilities has left businesses with more to remediate.


Organizations are finding that vulnerability management is no longer an issue of identification, but one of prioritization.

Most organizations utilize legacy approaches to vulnerability triage causing delays and increasing exposure.

Most other vulnerability prioritization technologies don't take into account your business priorities or risk appetite.

Problem

Assign

Assign your ranked data to different people in your business via the platform or your ITSM solution.

Automate

Automate your vulnerability triage by building Stored Ranking Profiles based on your priorities.

Solution

With our easy to use platform, you will be able to:

Upload

Upload your vulnerability scanning data from various vendors.

Upload

Upload your vulnerability scanning data from various vendors.

Most prioritisation technologies overlook the fact that vulnerabilities affect businesses in different ways and to varying extents. This means businesses may be told to tackle issues in the wrong order.


When done in-house, companies can prioritise vulnerabilities based on their extensive knowledge of how their business operates and where the critical areas are. However, with new vulnerability scans taking place almost daily, the triage process is highly time- and labour- intensive.


With RankedRight, you only need to set prioritisation rules once and then we'll take over the triage for every future vulnerability scan, leaving you to remediate more issues, in the order that's best for your business.

How it works

Try for freeFree trial