ActiveGuard® Vulnerability Lifecycle Management

Transcription

ActiveGuard® Vulnerability Lifecycle Management
ActiveGuard® Vulnerability Lifecycle Management
Complete, Seamless Vulnerability Workflow Management
Solutionary ActiveGuard® Vulnerability Lifecycle Management
(VLM) enables clients to seamlessly manage the vulnerability
remediation process. With the tools and automation available
in VLM, clients are able to save time and reduce the number
of tedious tasks associated with vulnerability remediation
management. VLM supports a best-practice approach for
security frameworks and compliance mandates to make
regulatory compliance more efficient. For example, VLM is
fully compliant with the Payment Card Industry Data Security
Standard (PCI DSS) and enhances the ability to efficiently comply
with PCI scanning requirements.
Flexible Vulnerability Scanning Options
Clients can choose to perform vulnerability scans themselves
via the ActiveGuard Portal or import data from industry-standard
scanning service providers. Clients may also elect to have
the Solutionary Security Operations Center (SOC) manage the
process or perform PCI Certified Approved Scanning Vendor
(ASV) scans on their behalf.
Assignment, Remediation and Disposition
Solutionary VLM allows clients to manage vulnerabilities in the
manner they choose. Clients can prioritize vulnerabilities, create
tickets and assign them for remediation. Vulnerabilities can
be worked directly or prioritized and assigned to client team
members for remediation via rules that automate the process.
track and audit remediation work and ensure it was performed
properly. Reports and dashboards show items that have not
been remediated.
PCI-Compliant Workflow
When Solutionary performs vulnerability scans as part of the
ASV scanning service, the VLM workflow automatically
changes to conform to PCI requirements and enforce PCI
compliant workflow rules.
Integration with ActiveGuard
VLM is fully integrated with the patented, cloud-based
ActiveGuard service platform and the ActiveGuard Portal. Scan
results feed into ActiveGuard for automatic threat correlation
with the Solutionary Log Monitoring service. Vulnerability
context allows ActiveGuard to determine the severity of
potential threats and increase the client’s level of security.
Within the ActiveGuard Portal, VLM supports complex data
mining and filtering with summary and drill-down, detailed
access to scanning results. The portal has a customizable
dashboard that provides user-selected, real-time views of
vulnerabilities and remediation progress. Scheduled and
on-demand reports (including user-defined and SQL) that cover
both tickets and vulnerabilities are delivered securely through
the portal.
Highly Scalable VLM
Assess
& Scan
Manage
Remediation
Report
VLM allows clients to disposition data, marking vulnerabilities to
a different state such as Verified, Fix, False Positive, No Impact
and more. Multiple values may be assigned to a single ticket so
that entire tickets can be assigned a disposition to be worked
en mass or individual vulnerabilities can be assigned to a ticket
to be worked individually. Certain dispositions can be flagged
as exceptions so the vulnerability will not be reported on in
subsequent scans, but will still appear in audit reports.
Eliminate Costly Rework
VLM eliminates time-consuming, costly rework as the entire
process is auditable with journal entries. The Auto-Clean
feature automates remediation, reducing the time clients spend
managing data. Vulnerability journals allow management to
VLM is well-suited for SMB, mid-size and large enterprise
environments. With typical scans generating thousands of
results, a vulnerability lifecycle management solution like
Solutionary VLM is essential to efficiently convert large amounts
of data into actionable security intelligence and manage the
remediation process.
Features Include:
•
Support for major scanning vendors
• Qualys, Nessus, SAINT (direct control via the portal)
• Rapid7, Retina, Foundstone (import data into portal)
•
Integration with ActiveGuard Log Monitoring for threat
correlation
•
PCI compliant, automated, rule-based workflow
•
Complex data mining and results filtering
•
Advanced reporting capabilities
•
Auto Clean logic for quick and easy data reconciliation and
remediation tracking
•
Flexible dispositioning of vulnerabilities without control loss
Solutionary – The Next Generation Managed Security Services Provider
Solutionary, an NTT Group security company, reduces the
The Solutionary Difference:
information security and compliance burden, delivering
•
100% Security Focused
flexible managed security services that align with client
•
Customer Service is Our Culture
goals, enhancing organizations’ existing security program,
•
Patented Technology with Advanced Analytics
infrastructure and personnel.
•
Global Threat Intelligence — SERT
Solutionary Services Include:
•
Acknowledged Leader by Industry Experts and Analysts
•
Log Monitoring and Management
•
Managed Security Services
•
Security Device Management
•
Security Consulting Services
•
Vulnerability Management
•
Compliance Services
•
Cloud and Virtualization Security
•
Critical Incident Response
Solutionary Clients Receive:
•
Peace of Mind
•
Unparalleled, Passionate Customer Service
•
Flexible, Easy to Do Business with Partner
•
Extension of the Internal Team
•
Optimization of Existing Technology Investments
•
Strengthened, Accelerated Security Program
•
Reduced Cost of Security
Services are delivered to clients through multiple 24/7,
•
Advanced Threat Detection and Context-Based Alerts
fully redundant security operations centers (SOCs).
•
Visibility to Make Informed Security Decisions
•
Cross-Device Correlation
•
Eased Audits and Compliance Support
•
Dedicated Service Delivery Manager
SM
Global Threat Intelligence – SERT
The patented ActiveGuard® Security and Compliance Platform
is the technology behind Solutionary services.
The Solutionary Security Engineering Research Team
(SERT) protects and informs Solutionary clients through
ActiveGuard is able to accurately collect, analyze and
security threat research, vulnerability analysis and the
correlate vast amounts of data from virtually any application or
development of effective countermeasures.
device capable of producing a log file. This allows Solutionary
to improve security while making it more efficient.
ActiveGuard® Features Include:
•
Highly Configurable Compliance Platform
•
Built-In Heuristics and Anomaly Detection
•
Context-Aware Alerting
•
24/7 Portal Access
•
View Status, Configurations and Change History
•
Global Threat Intelligence
•
Industry and Compliance Reporting
•
Customized Reporting
•
Evidence and Log Vault
Blue
Pantone 287
Hex: 00529b
C: 100
M: 68
Y: 0
K: 12
9420 Underwood Avenue
Omaha, NE 68114
(866) 333 2133
www.solutionary.com
Get Started Today
See how Solutionary can help optimize security,
improve efficiency and ease compliance. Contact an
authorized Solutionary partner or Solutionary directly.
866-333-2133 | info@solutionary.com | Solutionary.com
Solutionary, an NTT Group security company, is the next generation managed security services
provider (MSSP), focused on delivering managed security services and global threat intelligence.
888-80-InNet
InNetworkTech.com