Continuous Monitoring and Risk Assessment (CMRA)


Vulnerability Management is a critically important part of any successful cybersecurity program.  Having a way to continually scan your environment in an automated manner, and present results that clearly prioritize the most serious risk issues and help you know how to address them, can help simplify your vulnerability management process.

MCNC will scan your external network perimeter using vulnerability scanning infrastructure hosted in our data centers.  You define the networks that you want scanned and we take care of the rest. Your scans will run continuously and the results are automatically imported into Kenna Security’s exploit intelligence platform (  Kenna uses threat intelligence data to calculate risk scores for vulnerabilities present in your environment.  These risk scores use machine learning to consider factors such as which vulnerabilities are actively being used in successful breaches, how easy is a vulnerability to exploit, how popular a is a specific exploit, does malware exist to exploit a specific vulnerability, etc.

When you log in to your customized web portal, you’ll see your vulnerabilities, prioritized based on risk score.  This prioritization makes it simple to know which vulnerabilities you should address first, because they pose the highest risk.  You’ll also be able to access remediation guidance to understand how to correct any identified issues. As issues are remediated, your risk scores will update automatically.  As the scanning is continuous and automated, you will see your most current vulnerability and risk score data each time you access your web portal.

Initially, this fully-managed monitoring and assessment service will scan your external network perimeter (or other externally accessible systems that you define).  We are planning a future enhancement that will allow monitoring of systems on your internal network.

If you already have your own vulnerability scanning platform and just want to use the Kenna Security dashboard for data analysis, we can do that too.  Just let us know and we can help you get everything working together.


There are no documents available at this time.

Eligibility and Requirements of Service

Customer must be a public sector or non-profit organization in order to be eligible for this service.

Pricing starts with a base per customer rate that includes 100 IP addresses to scan and monitor your network. Additional sets of IPs can be purchased based on need. To inquire about new service, please submit a web request.

<< Services Home