2019 Client Recognition Award Program

By Fortra's Digital Defense

As part of its annual program to recognize clients who demonstrated the highest level of network security in the previous year, Digital Defense has recently identified 2019 Client Recognition Award winners.

Although a small number of awards have been shipped out, due to the COVID-19 pandemic and resulting remote work requirements, shipments of the remaining awards will be delayed for the foreseeable future.  If you have not yet been notified and/or would like to know if you were one of the 97 winners of an award for the 2019 calendar year, please contact your Client Advocate.  If you were not a winner, don’t worry - the 2020 award year is underway and there is plenty of time for your organization to qualify!

About the Award

Conducted every year since 2007, the Digital Defense Client Recognition Award Program recognizes organizations that displayed the highest level of network security throughout the previous calendar year based on their Frontline.Cloud™ vulnerability and remediation data.  Using Digital Defense’s proprietary Security GPA® scoring algorithm, awards are presented to recurring vulnerability management clients that had the highest Security GPA scores among their peers on their external and internal networks.  The following are the criteria surrounding the award program for 2019.

Who is Eligible for an Award?

The following are eligibility requirements for the Client Recognition Award Program:

  • Organizations must be a recurring Digital Defense client in good standing between January 1st and December 31st of the award year
  • Clients must have been contracted for and conducted recurring full internal and external vulnerability scanning on at least a quarterly basis for the entire award year
  • Clients must have full scan data for all four quarters of the award year
  • The client network must be a ‘traditional’ network, comprised of a variety of typical device types observed on a typical network, such as servers, workstations, printers, etc.
  • The client Active View™ must contain an average of at least 50 live devices throughout the year
  • The client Active View must contain at least one live external device during each quarterly scoring cycle
  • A client must not be intentionally or unintentionally abusing built in features of the Frontline.Cloud system, such as marking valid vulnerabilities as ‘false positive’, excluding a large number of hosts and/or ports from scanning or hiding hosts within Active View that may artificially inflate their Security GPA
  • In cases where this is detected, the client may be disqualified or have its quarterly Security GPA recalculated based on the final full vulnerability scan of each quarter or historical Active View data, which will include any ‘hidden’ hosts and/or vulnerabilities
  • As necessary, the Digital Defense EVP of Operations will independently assess any additional factors not identified above within a client’s scanning program in order to ensure common sense, consistency, and fairness are applied in confirming eligibility and identifying winning organizations within the Client Recognition Award Program
How are the Awards Determined?

Once eligible clients are identified, award winners are determined by their Digital Defense Security GPA®.  Security GPA is an easy to understand security metric that is compiled from a combination of individual host grades based on results of recurring vulnerability assessments and penetration testing (if applicable), and standardized system criticality ratings. Security GPA scores are pulled for all clients on a quarterly basis throughout the award year and are based upon vulnerabilities discovered only via non-authenticated methods.  This allows our clients who are more proactive in running recurring authenticated scans (thereby finding more vulnerabilities and causing a lower Security GPA) to have an apples-to-apples Security GPA comparison against clients who choose not to run authenticated scans.

The quarterly Security GPA scores are then averaged using a weighting system based on the recency of the Security GPA scores, with the more recent scores weighing heavier into the final average. Once the ‘annualized’ Security GPA is determined for the internal and external networks, small adjustments/bonuses are applied based on the following criteria:

  • Network Size (+0.01 per 100 hosts internally / +0.01 per 10 hosts externally – up to +0.10 points for each network location score)
  • Penetration Testing (must be conducted by Digital Defense) (+0.10 for internal and external penetration testing – up to +0.10 points for each network location score)
  • Managed Services (+0.0125 per quarter in which contracted, applied both internally and externally)
  • Contracted Frequency of Scanning (+0.0125 internally and externally per quarter for on-demand and monthly scanning)
  • Authenticated Scanning (+0.025 internally during each quarter that a network-wide authenticated vulnerability scan(s) was executed)

After the above adjustments/bonuses are applied to the ’annualized’ Security GPA, clients must have at least a 3.50 Security GPA on their internal and external networks to qualify for an award.  Once qualifying clients have been identified, the internal and external Security GPA scores are averaged and this score is used to rank the qualifiers to determine the awards.

What are the Award Categories?

The following are the defined awards as part of the Client Recognition Award Program:

 

  • Best Overall Network Security Program A trophy is awarded to the client with the highest composite Security GPA (the average of internal and external annualized Security GPAs after bonus/adjustment added) of all Digital Defense clients within its category. The three categories for this award are:
    • Large Network (1000+ live hosts)
    • Midsize Network (250-999 live hosts)
    • Small Network (50-249 live hosts)

The DDI Chief Executive Officer or his designee travels to the client’s location, at no cost to the client, for a trophy presentation at a function of the client’s choosing.

 

  • Excellence in Network Security Award - Awarded to clients who have an annualized Security GPA of 3.50 or higher on their internal and external networks and the average of those Security GPAs places them within the 98th percentile of all of Digital Defense’s recurring vulnerability scanning clients, regardless of their network size category. These clients are awarded a plaque and receive a congratulatory letter from the Digital Defense President & CEO.  These awards are typically shipped via FedEx or U.S. Mail, although they are awarded in person in some instances.

 

  • Honorable Mention – Clients with at least a 3.50 composite Security GPA internally and externally but do not place within the 98th percentile will receive an Honorable Mention certificate and a congratulatory letter from the Digital Defense President & CEO.

Award Winners

The following tabs display sanitized lists (identified only by market vertical) of the award winners for 2019:

Award Group Group Rank Overall Rank Market Vertical Composite Security GPA
Winner               Large Network Category           (1000+ Devices) 1 2 Credit Union 4.1460
Excellence in Network Security Award
(Top 2% Overall)
2 5 Credit Union 4.0510
3 9 Credit Union 4.0440
4 14 Credit Union 3.9990
5 15 Utilities 3.9910
6 19 Credit Union 3.9865
7 20 Credit Union 3.9815
8 21 Credit Union 3.9430
9 22 Credit Union 3.9335
10 26 Credit Union 3.9255
11 27 Legal Services 3.9200
12 28(t) Credit Union 3.9170
13 31 Financial Services 3.9025
14 32 Education 3.8980
15 33 Retail 3.8975
16 34 Credit Union 3.8885
17 35(t) Credit Union 3.8850
Honorable Mention 18 37 Credit Union 3.8795
19 38 Bank 3.8765
20 43 Credit Union 3.8430
21 47 Bank 3.8165
22 50 Information Technology 3.8040
23 59 Information Technology 3.7565
24 62 Credit Union 3.7395
25 63(t) Credit Union 3.7375
26 65 Legal Services 3.7295
27 78 Financial Services 3.6670
28 80 Credit Union 3.6595
29 82 Credit Union 3.6205
30 83 Credit Union 3.6120
31 84 Legal Services 3.6100
32 85 Credit Union 3.6075
33 93 Healthcare 3.5565
34 97 Bank 3.5280

 

Award Group Group Rank Overall Rank Market Vertical Composite Security GPA
Winner               Medium Network Category             (250-999 Devices) 1 1 Bank 4.1770
Excellence in Network Security Award
(Top 2% Overall)
2 3 Information Services 4.1310
3 7 Credit Union 4.0455
4 10 Bank 4.0355
5 11 Credit Union 4.0330
6 12 Bank 4.0210
7 16(t) Credit Union 3.9875
8 23 Insurance 3.9325
9 25 Bank 3.9310
10 30 Healthcare 3.9035
11 35(t) Credit Union 3.8850
Honorable Mention 12 39 Credit Union 3.8750
13(t) 40(t) Bank 3.8705
13(t) 40(t) Energy Services 3.8705
15 44 Credit Union 3.8400
16 46 Credit Union 3.8190
17 48 Bank 3.8155
18 51 Credit Union 3.7985
19 54 Credit Union 3.7790
20 55 Credit Union 3.7750
21 56 Legal Services 3.7725
22 60 Leisure 3.7540
23 61 Credit Union 3.7460
24 63(t) Credit Union 3.7375
25 66 Bank 3.7290
26 67 Credit Union 3.7255
27 70 Financial Services 3.7135
28 71 Information Services 3.6965
29 72 Retail 3.6895
30 73 Credit Union 3.6855
31 74 Credit Union 3.6830
32 75 Legal Services 3.6775
33 79 Credit Union 3.6630
34 81 Bank 3.6535
35 86 Credit Union 3.6055
36 87 Credit Union 3.5990
37 88 Credit Union 3.5980
38 89 Utilities 3.5975
39 91 Credit Union 3.5940
40 92 Insurance 3.5685
41 94 Credit Union 3.5545
42 95 Financial Services 3.5525
43 96 Services 3.5360
Award Group Group Rank Overall Rank Market Vertical Composite Security GPA
Winner               Small Network Category                (50-249 Devices) 1 4 Financial Services 4.0980
Excellence in Network Security Award
(Top 2% Overall)
2 6 Credit Union 4.0460
3 8 Credit Union 4.0445
4 13 Credit Union 4.0125
5(t) 16(t) Credit Union 3.9875
5(t) 16(t) Bank 3.9875
7 24 Credit Union 3.9315
8 28(t) Credit Union 3.9170
Honorable Mention 9 42 Credit Union 3.8490
10 45 Credit Union 3.8345
11 49 Credit Union 3.8130
12 52 Credit Union 3.7860
13 53 Bank 3.7805
14 57 Credit Union 3.7715
15 58 Financial Services 3.7700
16 68 Credit Union 3.7160
17 69 Credit Union 3.7150
18 76 Information Technology 3.6680
19 77 Education 3.6675
20 90 Credit Union 3.5945

Where Can I Get More Information?

For more information on the Digital Defense Client Recognition Program and/or to find out if your qualified in 2019, please contact your Client Advocate at 888-273-1412, Option #2, or email: [email protected].

Share This