ActiveGuard® Vulnerability Lifecycle Management
Transcription
ActiveGuard® Vulnerability Lifecycle Management
ActiveGuard® Vulnerability Lifecycle Management Complete, Seamless Vulnerability Workflow Management Solutionary ActiveGuard® Vulnerability Lifecycle Management (VLM) enables clients to seamlessly manage the vulnerability remediation process. With the tools and automation available in VLM, clients are able to save time and reduce the number of tedious tasks associated with vulnerability remediation management. VLM supports a best-practice approach for security frameworks and compliance mandates to make regulatory compliance more efficient. For example, VLM is fully compliant with the Payment Card Industry Data Security Standard (PCI DSS) and enhances the ability to efficiently comply with PCI scanning requirements. Flexible Vulnerability Scanning Options Clients can choose to perform vulnerability scans themselves via the ActiveGuard Portal or import data from industry-standard scanning service providers. Clients may also elect to have the Solutionary Security Operations Center (SOC) manage the process or perform PCI Certified Approved Scanning Vendor (ASV) scans on their behalf. Assignment, Remediation and Disposition Solutionary VLM allows clients to manage vulnerabilities in the manner they choose. Clients can prioritize vulnerabilities, create tickets and assign them for remediation. Vulnerabilities can be worked directly or prioritized and assigned to client team members for remediation via rules that automate the process. track and audit remediation work and ensure it was performed properly. Reports and dashboards show items that have not been remediated. PCI-Compliant Workflow When Solutionary performs vulnerability scans as part of the ASV scanning service, the VLM workflow automatically changes to conform to PCI requirements and enforce PCI compliant workflow rules. Integration with ActiveGuard VLM is fully integrated with the patented, cloud-based ActiveGuard service platform and the ActiveGuard Portal. Scan results feed into ActiveGuard for automatic threat correlation with the Solutionary Log Monitoring service. Vulnerability context allows ActiveGuard to determine the severity of potential threats and increase the client’s level of security. Within the ActiveGuard Portal, VLM supports complex data mining and filtering with summary and drill-down, detailed access to scanning results. The portal has a customizable dashboard that provides user-selected, real-time views of vulnerabilities and remediation progress. Scheduled and on-demand reports (including user-defined and SQL) that cover both tickets and vulnerabilities are delivered securely through the portal. Highly Scalable VLM Assess & Scan Manage Remediation Report VLM allows clients to disposition data, marking vulnerabilities to a different state such as Verified, Fix, False Positive, No Impact and more. Multiple values may be assigned to a single ticket so that entire tickets can be assigned a disposition to be worked en mass or individual vulnerabilities can be assigned to a ticket to be worked individually. Certain dispositions can be flagged as exceptions so the vulnerability will not be reported on in subsequent scans, but will still appear in audit reports. Eliminate Costly Rework VLM eliminates time-consuming, costly rework as the entire process is auditable with journal entries. The Auto-Clean feature automates remediation, reducing the time clients spend managing data. Vulnerability journals allow management to VLM is well-suited for SMB, mid-size and large enterprise environments. With typical scans generating thousands of results, a vulnerability lifecycle management solution like Solutionary VLM is essential to efficiently convert large amounts of data into actionable security intelligence and manage the remediation process. Features Include: • Support for major scanning vendors • Qualys, Nessus, SAINT (direct control via the portal) • Rapid7, Retina, Foundstone (import data into portal) • Integration with ActiveGuard Log Monitoring for threat correlation • PCI compliant, automated, rule-based workflow • Complex data mining and results filtering • Advanced reporting capabilities • Auto Clean logic for quick and easy data reconciliation and remediation tracking • Flexible dispositioning of vulnerabilities without control loss Solutionary – The Next Generation Managed Security Services Provider Solutionary, an NTT Group security company, reduces the The Solutionary Difference: information security and compliance burden, delivering • 100% Security Focused flexible managed security services that align with client • Customer Service is Our Culture goals, enhancing organizations’ existing security program, • Patented Technology with Advanced Analytics infrastructure and personnel. • Global Threat Intelligence — SERT Solutionary Services Include: • Acknowledged Leader by Industry Experts and Analysts • Log Monitoring and Management • Managed Security Services • Security Device Management • Security Consulting Services • Vulnerability Management • Compliance Services • Cloud and Virtualization Security • Critical Incident Response Solutionary Clients Receive: • Peace of Mind • Unparalleled, Passionate Customer Service • Flexible, Easy to Do Business with Partner • Extension of the Internal Team • Optimization of Existing Technology Investments • Strengthened, Accelerated Security Program • Reduced Cost of Security Services are delivered to clients through multiple 24/7, • Advanced Threat Detection and Context-Based Alerts fully redundant security operations centers (SOCs). • Visibility to Make Informed Security Decisions • Cross-Device Correlation • Eased Audits and Compliance Support • Dedicated Service Delivery Manager SM Global Threat Intelligence – SERT The patented ActiveGuard® Security and Compliance Platform is the technology behind Solutionary services. The Solutionary Security Engineering Research Team (SERT) protects and informs Solutionary clients through ActiveGuard is able to accurately collect, analyze and security threat research, vulnerability analysis and the correlate vast amounts of data from virtually any application or development of effective countermeasures. device capable of producing a log file. This allows Solutionary to improve security while making it more efficient. ActiveGuard® Features Include: • Highly Configurable Compliance Platform • Built-In Heuristics and Anomaly Detection • Context-Aware Alerting • 24/7 Portal Access • View Status, Configurations and Change History • Global Threat Intelligence • Industry and Compliance Reporting • Customized Reporting • Evidence and Log Vault Blue Pantone 287 Hex: 00529b C: 100 M: 68 Y: 0 K: 12 9420 Underwood Avenue Omaha, NE 68114 (866) 333 2133 www.solutionary.com Get Started Today See how Solutionary can help optimize security, improve efficiency and ease compliance. Contact an authorized Solutionary partner or Solutionary directly. 866-333-2133 | info@solutionary.com | Solutionary.com Solutionary, an NTT Group security company, is the next generation managed security services provider (MSSP), focused on delivering managed security services and global threat intelligence. 888-80-InNet InNetworkTech.com