Organizations don’t manage security patches one by one, and your software shouldn’t either. Spartan is focused on cybersecurity work efficiency from beginning to end. Vulnerabilities get packaged into a set of software patches, and we generate an optimized work plan for you based on these patches.
Everything in Spartan is based on a work cycle. Teams can define whatever cycle works best for them (e.g. weekly, monthly, etc.). Then new vulnerabilities are processed and assigned work based on the work cycles.
Each asset group (e.g. operator workstations, network switches, web servers, etc.) is assigned a default deadline and patching cycle. The primary time savings in Spartan comes from the patching cycle. Most organizations have a backstop when they will patch systems (e.g. quarterly, annually, next outage, etc.). Then, Spartan assigns patches to work cycles based on the AI analysis. The work plan groups all of the same types of assets together with the same due dates and work plans are assigned to the asset group team.
A valuable outcome of this grouping is a more realistic time estimate of the work. The time for patching goes far beyond just applying the patch. Organizations coordinate testing, downtime, and validation. In many cases, the actual patch application is a small fraction of the overall time spent by the organization coordinating downtime. This differs greatly by the asset group. For example, operator workstations may take almost no coordination to apply patches. However, taking down a core networking switch for patching may involve months of planning. Spartan’s realistic time estimates allow the organization to better understand the true cost of vulnerability management.