Vendor Analysis
published on Jan 28, 2025
Report Overview:
This NelsonHall vendor assessment analyzes Kyndryl's offerings and capabilities in Attack Surface Management
Who is this Report for:
NelsonHall’s Attack Surface Management (ASM) profile on Kyndryl is a comprehensive assessment of Kyndryl’s offerings and capabilities, designed for:
- Sourcing managers monitoring the capabilities of existing suppliers of attack surface management and identifying vendor suitability for attack surface management RFPs
- Vendor marketing, sales, and business managers looking to benchmark themselves against their peers
- Financial analysts and investors specializing in the attack surface management sector.
Scope of this Report:
The report provides a comprehensive and objective analysis of Kyndryl’s attack surface management offerings, capabilities, and market and financial strengths, including:
- Identification of the company’s strategy, emphasis, and new developments
- Analysis of the company’s strengths, weaknesses, and outlook
- Revenue estimates
- Analysis of the profile of the company’s customer base including the company’s targeting strategy and examples of current contracts
- Analysis of the company’s offerings and key service components
- Analysis of the company’s delivery organization including the location of delivery centers.
Key Findings & Highlights:
Kyndryl's ASM services aim to continuously discover, classify, and prioritize internet-facing hardware, software, and cloud assets, to then perform vulnerability management, remediation planning, and monitoring of these assets.
The majority of ASM services are provided via the company's vulnerability management and advisory services using a risk-based delivery model to assess the client's risk appetite and the vulnerabilities they would face against the remediations available.
The newest service in the ASM portfolio is Continuous Security Control Validation (CSCV), that provides daily scans to detect assts and vulnerabilities using automated penetration testing to enable rapid remediation of vulnerabilities by providing users actionable reports of the vulnerabilities.