Customer Wins

Closing the Communications Gap – XM Cyber to Help DevOps Succeed

Posted by: Bill Bradley
February 01, 2024
Getting your Trinity Audio player ready...

A weekly update highlighting where XM Cyber customers are seeing value with the continuous exposure management platform.


Team sports require clear communication to ensure everyone is moving in the right direction at the right time. Similarly, cybersecurity teams need to communicate not only to their direct team but other roles within the organization – frequently IT –  to be successful.

Recently, an XM Cyber customer in the professional sports industry struggled with communication between the Security and DevOps team. Security would send tickets for the remediations they needed, but they would often go unaddressed. Meanwhile the DevOps team prioritized getting existing projects and tasks completed, rather than focusing on remediation. While these tasks were in their backlog, the team simply didn’t have the time to get to these potentially critical exposures that could lead to a compromise. The result was that the biggest risks were not being addressed, leaving business-critical assets exposed. 


The Security team used the XM Cyber Attack Graph Analysis to model how an attacker could compromise the organization. Using vulnerabilities, misconfigurations, and identity issues then layering the organization’s critical assets, the Security team was able to present a list of issues based on the biggest risks. Further prioritization with choke points, i.e., assets where multiple attack paths converge, allowed Security to deliver a high impact target list for DevOps.


Owing to the shared understanding of what was putting the organization at the greatest risk, both DevOps and Security could align on the most critical assets to remediate first. The Security team was able to bring fewer tasks to DevOps while delivering a great impact on risk reduction. At the same time, the non-critical items were put into the IT backlog to be addressed over time. This allowed both teams to show a win for the business and this shared language of risk has been a valuable enabler, to fix less and prevent more. 

Related Topics

Bill Bradley

Bill is Sr Director of Product Marketing for XM Cyber and brings a diverse background of sales, product management, and marketing to the role. He knows enough of cybersecurity to be dangerous, but also when to seek expert guidance.

Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.