2020 Client Recognition Award Program

By Fortra's Digital Defense

The Digital Defense Client Recognition Awards are presented to recurring vulnerability management clients that had the highest Security GPA scores among their peers on their external and internal networks. Our 2020 winners have been chosen and notified. See the industry breakout and scores below.

About the Award

Conducted every year since 2007, the Digital Defense Client Recognition Award Program recognizes organizations that displayed the highest level of network security throughout the previous calendar year based on their Frontline.Cloud™ vulnerability and remediation data.  Using Digital Defense’s proprietary Security GPA® scoring algorithm, awards are presented to recurring vulnerability management clients that had the highest Security GPA scores among their peers on their external and internal networks. 

Who is Eligible for an Award?

The following are eligibility requirements for the Client Recognition Award Program:

  • Organizations must be a recurring Digital Defense client in good standing between January 1st and December 31st of the award year
  • Clients must have been contracted for and conducted recurring full internal and external vulnerability scanning on at least a quarterly basis for the entire award year
  • Clients must have full scan data for all four quarters of the award year
  • The client network must be a ‘traditional’ network, comprised of a variety of typical device types observed on a typical network, such as servers, workstations, printers, etc.
  • The client Active View™ must contain an average of at least 50 live devices throughout the year
  • The client Active View must contain at least one live external device during each quarterly scoring cycle
  • A client must not be intentionally or unintentionally abusing built in features of the Frontline.Cloud system, such as marking valid vulnerabilities as ‘false positive’, excluding a large number of hosts and/or ports from scanning or hiding hosts within Active View that may artificially inflate their Security GPA
  • In cases where this is detected, the client may be disqualified or have its quarterly Security GPA recalculated based on the final full vulnerability scan of each quarter or historical Active View data, which will include any ‘hidden’ hosts and/or vulnerabilities
  • As necessary, the Digital Defense EVP of Operations will independently assess any additional factors not identified above within a client’s scanning program in order to ensure common sense, consistency, and fairness are applied in confirming eligibility and identifying winning organizations within the Client Recognition Award Program
How are the Awards Determined?

Once eligible clients are identified, award winners are determined by their Digital Defense Security GPA®.  Security GPA is an easy to understand security metric that is compiled from a combination of individual host grades based on results of recurring vulnerability assessments and penetration testing (if applicable), and standardized system criticality ratings. Security GPA scores are pulled for all clients on a quarterly basis throughout the award year and are based upon vulnerabilities discovered only via non-authenticated methods.  This allows our clients who are more proactive in running recurring authenticated scans (thereby finding more vulnerabilities and causing a lower Security GPA) to have an apples-to-apples Security GPA comparison against clients who choose not to run authenticated scans.

The quarterly Security GPA scores are then averaged using a weighting system based on the recency of the Security GPA scores, with the more recent scores weighing heavier into the final average. Once the ‘annualized’ Security GPA is determined for the internal and external networks, small adjustments/bonuses are applied based on the following criteria:

  • Network Size (+0.01 per 100 hosts internally / +0.01 per 10 hosts externally – up to +0.10 points for each network location score)
  • Penetration Testing (must be conducted by Digital Defense) (+0.10 for internal and external penetration testing – up to +0.10 points for each network location score)
  • Managed Services (+0.0125 per quarter in which contracted, applied both internally and externally)
  • Contracted Frequency of Scanning (+0.0125 internally and externally per quarter for on-demand and monthly scanning)
  • Authenticated Scanning (+0.025 internally during each quarter that a network-wide authenticated vulnerability scan(s) was executed)

After the above adjustments/bonuses are applied to the ’annualized’ Security GPA, clients must have at least a 3.50 Security GPA on their internal and external networks to qualify for an award.  Once qualifying clients have been identified, the internal and external Security GPA scores are averaged and this score is used to rank the qualifiers to determine the awards.

What are the Award Categories?

The following are the defined awards as part of the Client Recognition Award Program:

 

  • Best Overall Network Security Program A trophy is awarded to the client with the highest composite Security GPA (the average of internal and external annualized Security GPAs after bonus/adjustment added) of all Digital Defense clients within its category. The three categories for this award are:
    • Large Network (1000+ live hosts)
    • Midsize Network (250-999 live hosts)
    • Small Network (50-249 live hosts)

The DDI Chief Executive Officer or his designee travels to the client’s location, at no cost to the client, for a trophy presentation at a function of the client’s choosing.

 

  • Excellence in Network Security Award - Awarded to clients who have an annualized Security GPA of 3.50 or higher on their internal and external networks and the average of those Security GPAs places them within the 98th percentile of all of Digital Defense’s recurring vulnerability scanning clients, regardless of their network size category. These clients are awarded a plaque and receive a congratulatory letter from the Digital Defense President & CEO.  These awards are typically shipped via FedEx or U.S. Mail, although they are awarded in person in some instances.

 

  • Honorable Mention – Clients with at least a 3.50 composite Security GPA internally and externally but do not place within the 98th percentile will receive an Honorable Mention certificate and a congratulatory letter from the Digital Defense General Manager.

Award Winners

The following tabs display sanitized lists (identified only by market vertical) of the award winners for 2020:

Winner Category Group Rank Overall Rank Market Vertical Security GPA

Excellence in Network Security Award

(Top 2% Overall)

1 3 Credit Union 4.1205
2 4 Credit Union 4.1155
3 12 Retail 4.0555
4 13 Bank 4.0455
5 16 Credit Union 4.0195
7 20 Credit Union 4.0085
8 21 Credit Union 4.0055
9 22 Bank 4.0025
10 23 Credit Union 3.9995
11 24 Credit Union 3.9980
12 32 Credit Union 3.9115
13 33 Credit Union 3.8965
14 35 Credit Union 3.8920
Honorable Mention 15 41 Bank 3.8575
16 42 Technology 3.8345
17 44(t) Healthcare 3.8215
18 47(t) Credit Union 3.8030
19 55 Technology 3.7830
20 56 Credit Union 3.7810
21 60 Credit Union 3.7785
22 62 Credit Union 3.7720
23(t) 63(t) Legal Services 3.7710
23(t) 63(t) Credit Union 3.7710
25 66 Credit Union 3.7625
26 69 Bank 3.7150
27 70 Credit Union 3.7085
28 71 Education 3.6985
29 74 Credit Union 3.6825
30 81 Education 3.6435
31 82 Credit Union 3.6370
32 84 Credit Union 3.6310
33 87 Credit Union 3.6210

 

Award Group Group Rank Overall Rank Market Vertical Security GPA

Excellence in Network Security Award

(Top 2% Overall)

1 1 Bank 4.2255
2 2 Information Services 4.2075
3 6 Credit Union 4.1060
4 7 Credit Union 4.1045
5 9 Bank 4.0860
6 10 Credit Union 4.0780
7 14 Financial Services 4.0245
8 26 Credit Union 3.9760
9 27 Bank 3.9725
10 28 Credit Union 3.9720
11 30 Credit Union 3.9335
12 31 Bank 3.9205
13 34 Legal Services 3.8950
Honorable Mention 14 36 Credit Union 3.8795
15 38 Bank 3.8760
16 39 Insurance 3.8620
17 40 Credit Union 3.8580
18 44(t) Utilities 3.8215
19 46 Credit Union 3.8210
20 47(t) Financial Services 3.8030
21 51 Financial Services 3.7945
22 52 Financial Services 3.7880
23 53 Energy Services 3.7860
24 57 Credit Union 3.7805
25 59 Credit Union 3.7795
26 61 Credit Union 3.7760
27 65 Credit Union 3.7670
28 68 Credit Union 3.7445
29 72 Credit Union 3.6980
30 73 Credit Union 3.6830
31 76 Credit Union 3.6785
32 80 Credit Union 3.6555
33 83 Credit Union 3.6340
34 86 Credit Union 3.6270
35 89 Credit Union 3.5925
36 91 Credit Union 3.5615
37 92 Credit Union 3.5540
Award Group Group Rank Overall Rank Market Vertical Security GPA

Excellence in Network Security Award

(Top 2% Overall)

1 5 Financial Services 4.1100
2 8 Credit Union 4.0975
3 11 Credit Union 4.0740
4 15 Credit Union 4.0205
5 17 Bank 4.0185
6 19 Credit Union 4.0135
7 25 Credit Union 3.9970
8 29 Credit Union 3.9485
Honorable Mention 10 43 Legal Services 3.8335
11 49 Credit Union 3.8015
12 50 Credit Union 3.8005
13 54 Credit Union 3.7840
14 58 Bank 3.7800
15 67 Non-Profit 3.7500
16 75 Credit Union 3.6800
17 77 Technology 3.6755
18 78 Credit Union 3.6690
19 79 Credit Union 3.6675
20 85 Credit Union 3.6305
21 88 Technology 3.6095
22 90 Financial Services 3.5785
23 93 Transportation 3.5465
Share This