[Solution Review] WithNetworks ‘WithVTM 3.0’

Identifying “what to protect first” is the starting point for enterprise security

[DataNet] WithNetworks’ WithVTM 3.0 is a true converged security management platform that goes beyond a vulnerability scanner or asset management tool. The product’s Vulnerability and Threat Management (VTM) philosophy is not just about finding vulnerabilities; it’s about mapping them to real threats and managing them in context.

Background: solving a common enterprise dilemma

The solution was born from a common challenge faced by many organizations. Despite deploying multiple security tools, security teams still struggle to answer the question, “What should we do right now?” Security operators are buried under countless vulnerability reports and miss genuinely critical threats. Repeated manual tasks required for audits, long hours, and excessive overtime have led many teams to burnout. WithVTM 3.0 was designed to address these practical, real-world problems.

Complete asset visibility

The first strength of WithVTM 3.0 is its ability to discover every IT asset in an organization without omission. Using an agentless scanning approach, it automatically detects all devices connected to the network. In addition to collecting IP and MAC addresses, it identifies each device’s operating system, installed software, running services, open ports, and network relationships.

A particularly notable capability is its shadow IT detection. The system automatically discovers assets unknown to the IT department—temporary installs that were forgotten, or servers run independently by development teams—and brings them into managed inventory. One large enterprise customer reported a 35% increase in managed assets after adopting WithVTM 3.0.

Asset data is updated in real time: new devices are detected the moment they connect to the network, and changes to existing assets are reflected automatically. This ensures the organization always maintains an up-to-date asset inventory.

Intelligent vulnerability analysis engine

WithVTM 3.0’s vulnerability analysis engine performs intelligent analysis beyond simple pattern matching. Based on collected asset information, it automatically identifies potential vulnerabilities for each asset. The engine pulls from multiple data sources, including:

• Real-time integration with global CVE databases

• Automated collection of vendor security advisories

• Threat intelligence from national cybersecurity agencies

• Zero-day information gathered via dark-web monitoring

A major strength is its ability to integrate results from a variety of scanners. It supports commercial and open-source scanners such as Tenable Nessus, Qualys, and OpenVAS, consolidating their outputs to deliver more accurate analysis without vendor lock-in.

Business-centric prioritization

Another innovative feature of WithVTM 3.0 is its algorithm for prioritizing vulnerabilities from a business perspective. Rather than relying solely on CVSS scores, the platform considers multiple factors, including:

• Business criticality of the asset (user-defined weighting)

• Network location (internet-facing, DMZ, internal network, etc.)

• Data sensitivity (whether the asset handles personal data, trade secrets, etc.)

• Likelihood of attack (threat-intelligence driven)

• Estimated impact if exploited (availability, confidentiality, integrity)

• Patch complexity and time required for remediation

This multidimensional analysis produces a prioritized list that helps security teams use limited resources more effectively—turning “1,000 vulnerabilities” into “the 10 critical threats that must be addressed immediately.”

Automated workflows

Automating repetitive manual work is a core objective of WithVTM 3.0. The platform includes a workflow engine that can automate the entire lifecycle from detection to remediation verification:

• Automatic ticket creation and assignee allocation

• Automated patch approval processes

• Scheduling and execution of patch deployment

• Automatic re-scanning and verification after remediation

• Auto-generation and distribution of result reports

Native integrations with major ITSM platforms such as ServiceNow, Jira, and BMC Remedy allow WithVTM 3.0 to fit naturally into existing operational processes.

Compliance automation

Regulatory compliance is a heavy burden for many organizations; WithVTM 3.0 significantly reduces that burden by offering prebuilt templates for major regulatory frameworks and automatically collecting required evidence.

• Supports ISMS certification workflows

• Helps meet electronic financial supervision regulations

• Addresses international standards such as PCI-DSS and ISO 27001

• Allows definition of custom regulatory requirements

All activities are logged with timestamps and stored for audit purposes, enabling immediate evidence provision during inspections. The platform can automatically generate regulation-specific reports, reducing audit preparation time by over 90%.