Resources > Case Study
Lineas Enables Effective Risk-Based Vulnerability Management (RBVM)
with VulnDB®
VulnDB’s extensive research was the essential component that enabled Lineas to identify risk in a more comprehensive manner by quickly prioritizing and remediating vulnerabilities for better outcomes.
About the customer
Lineas is the largest private rail freight operator in Europe offering premium rail
products and total door-to-door logistics solutions.
As Europe’s largest private rail freight operator, it is critical for Lineas to maintain secure and available systems. Any interruption of operations could have a severe supply–chain impact on the partners that depend upon them. It is Christophe Rome’s mission, as Chief Information Security Officer at Lineas, to put in place an effective security program that mitigates the likelihood and impact of any such incidents.
As Lineas sought to optimize their cyber risk posture and response capabilities, Christophe faced a real challenge. He would need to create and improve governance, and implement enhanced monitoring, reporting and processing of the vulnerabilities affecting their systems. They needed a solution in Christophe’s words, was more than “checkbox security”.
Comprehensive Security as a Way to Prioritize
With cyber resilience in mind, Christophe considered his limited resources, and recognized that his team would have to know where to prioritize their efforts in order to operate optimally. To achieve this, Lineas would need comprehensive and asset-centric vulnerability intelligence that could enable truly risk-based vulnerability management (RBVM).
Seeing the Full Picture with VulnDB
VulnDB’s extensive research was the essential component that enabled Lineas to identify risk in a more comprehensive manner by quickly prioritizing and remediating vulnerabilities for better outcomes. Independently researched, VulnDB captures more than 287,000 vulnerabilities. Of those vulnerabilities, over 93,000 cannot be found in CVE and NVD, giving Christophe’s team a much more complete picture than organizations that rely on the public source.
The vulnerability entries in VulnDB contain detailed source information, extensive references, links to Proof-of-Concept code, solutions, and other valuable metadata. Combined with proprietary VTEM metrics and historical vulnerability data, VulnDB is Lineas’ single source of truth.
VulnDB is Lineas’ long-term solution for vulnerability intelligence and RBVM challenges. With comprehensive, detailed and timely vulnerability data, Lineas can be confident that they are making effective risk-based security decisions.
“For any vulnerability out there, or vulnerabilities that are being published, VulnDB is our ultimate source. That was the most important part for me – that this is the single source of truth. We don’t have unlimited time and resources; when we go to VulnDB we know that nothing else can be added to it. Let’s put it this way, if VulnDB doesn’t know it, nobody else does.”