The challenge
Zinc Systems, a provider of industry-leading incident, crisis, and threat management solutions for public and private security services, is a client of Rootshell Security’s Penetration Testing, Managed Vulnerability Scanning (MVS), and Cyber Threat Intelligence (CTI) services.
Zinc’s solutions include providing intelligence to the UK Government, City of London Police, and private security firms, as well as helping to protect national retail chains from organized criminal gang activity. These relationships, and the sensitivity of data held within Zinc’s platforms, make IT security paramount.
Managing multiple types of security assessments, on an ongoing basis throughout the year, produces a lot of data for the Zinc team to handle. As is typical of security assessments, results are provided to Zinc in PDF reports over email, but this feels outdated in contrast with Zinc’s otherwise modern and streamlined processes.
The Zinc team are always looking for better ways to manage and action results, that will streamline their vulnerability management processes, reduce response time and resolve critical issues faster.
The Rootshell Platform is incredibly intuitive for non-technical leaders like me. The tooltips and training make it really easy to get the most out of the platform from the get-go.
Stephen Shackell, Director of Intelligence and Risk
The solution
Zinc has revolutionized the way it manages results from multiple security assessments by using The Rootshell Platform.
Instead of static PDF reports, Rootshell’s security consultants upload findings from Zinc’s penetration tests, vulnerability scans, and CTI services directly to the platform, which populate the platform’s dynamic database.
Issues appear in a consistent, uniform format, relieving the Zinc team of the time it takes to manually organize their results. This provides them with a centralized and standardized repository for all vulnerability data across their estate.
Each vulnerability is enriched with insightful information in an intuitive, digestible format, allowing the Zinc team to quickly gain context of their issues and take action. Zinc’s Director of Intelligence and Risk, Stephen Shackell, said “the simple layout makes it easier to understand our results”.
By centralizing all issues, the Zinc team benefit greatly from the platform’s dashboards. At a glance, Stephen can see the bigger picture, including how long an issue has been outstanding, whether issues reoccur, and which pose a high risk to the business.
This makes it simple for a leader like Stephen to easily hold team members to account on their remediation duties and pinpoint where additional investment may be required to reduce risk.
The Rootshell Platform makes all of this simple and accessible, regardless of a team member’s technical knowledge.
Rootshell’s platform gives me the visibility to easily understand issues, approve projects, and collaborate with colleagues, so that our remediation process is as streamlined as possible.
Stephen Shackell, Director of Intelligence and Risk
Partnership
During implementation of the Platform, the Rootshell team ensured that support was provided every step of the way.
This included guidance from the Client Engagement Team, who ensured that Zinc’s onboarding was successful, with ongoing support from their Account Manager.
The Zinc team are able to communicate with Rootshell’s security consultants directly in the platform
Key takeaways
- The Platform centralizes and standardizes any type of vulnerability data, making it easy for users to manage multiple security assessments.
- It improves visibility by enabling teams to track their global threat landscape in real-time
