Vulnerability Management

Know your vulnerabilities. Know your risk.

Do you know where your most vulnerable systems, networks and applications are? What is your average remediation time for high-, medium- and low-risk vulnerabilities? Can you automatically identify vulnerabilities by asset class, business unit, classification, category or regulatory requirement?

The SecureFusion Vulnerability Management module provides continuous vulnerability detection and reporting through the SecureFusion Portal, enabling you to establish a repeatable, automated scanning program across your entire enterprise. The most current results are always reflected in the SecureFusion Portal which means you no longer have to wait until the next vulnerability assessment to measure and evaluate your risks. The SecureFusion Portal provides historical results, remediation tracking and other vulnerability management functions for effective benchmarking, trending and metrics.

How does it work?

The SecureFusion Vulnerability Management module scans for thousands of known vulnerabilities in operating systems, infrastructure, network applications and databases. The vulnerability signatures are updated on a daily basis and provide checks for the most recent security vulnerabilities. Signatures for new high-risk vulnerabilities are typically available within 24-48 hours after public notice of the vulnerability. 

End-to-End Automation and Workflow

SecureFusion Vulnerability Management includes management and workflow capabilities to speed and automate the entire vulnerability management lifecycle. The scan management capabilities include scan scheduling, scan queue, detailed scan history, results filtering and target blacklisting. Each vulnerability detected can automatically assign a remediation task to the appropriate person or administrator. Using the SecureFusion Portal, you can assign remediation tasks to specific users, mark items completed and view remediation reports to track progress and demonstrate success. 

System Patch Reporting

The vulnerabilities identified on your network are automatically correlated with the corresponding vendor patches that are missing. This information is presented in our enterprise patch reports by vendor and by vendor bulletin. Informative charts, statistics and drill down capabilities give you the ability to identify gaps and trends in your system patch processes.

Results Filtering

False positives, accepted risks and vulnerabilities with compensating controls can be designated and are automatically removed from future reporting. 

Automated Signature Updates

New vulnerability signatures are automatically checked for every four hours to ensure you are scanning for the most current and pressing vulnerabilities.

Target Blacklisting

Eliminate the concern of impacting sensitive hosts, networks or third parties by using our blacklisting capability.

Bandwidth Throttling

You control the speed (bandwidth utilization) of vulnerability scans and the network traffic generated by assigning an integrated bandwidth throttle to the scanning process. For increased flexibility, this is controlled globally or by individual network.

Massive Scalability

Most SecureFusion vulnerability scanning implementations maintain very small footprints and are managed centrally. However, SecureFusion Vulnerability Management was designed for distributed architectures, so you can place multiple scanning modules throughout your enterprise. SecureFusion uses a service-oriented architecture so that standard deployments can be centralized or distributed based on your needs.

Dynamic Report Building

Our Web-based reporting engine allows users to quickly generate custom reports targeting specific areas of interest or concern. As such, the SecureFusion Portal quickly becomes a communications hub for different organizations within the enterprise.

Automated Scheduling

We provide an extensive scheduling interface that allows you to develop a detailed and customized scanning program. Scans that are scheduled to run on a recurring basis are automatically performed and require no further intervention. You can define schedules for different groups of assets. For example, you can scan PCI- or Sarbanes Oxley-related assets on different intervals in accordance with compliance requirements.

Benefits

Quickly View and Prioritize Remediation

With all vulnerability data accessible from the SecureFusion Portal, management can quickly view and prioritize risk remediation efforts across the enterprise. Our reporting capability provides a holistic view of all vulnerabilities. It automatically prioritizes findings and provides detailed reporting by business unit, platform, network, asset class and vulnerability type. Reports can be dynamically generated so that IT professionals can quickly identify vulnerabilities impacting their specific area of responsibility.

Third Party Integration

The SecureFusion Portal is built on a service-oriented architecture and can integrate with existing enterprise systems via Web services. Existing vulnerability scanning devices, trouble ticketing systems or patch management systems can benefit from this integration. By integrating with SecureFusion, you will have a comprehensive view of enterprise vulnerabilities while maximizing your current technology investment.

Increase Productivity and Efficiency

The vulnerability scanning process provided by SecureFusion is completely automated and easily deployed. You maintain complete command and control over enterprise scanning from a central portal. Personnel no longer need to spend valuable time running ad-hoc scans or maintaining complex deployments of vulnerability scanners. Scanning is fully automated, as well as the collection of results, reporting and vulnerability tracking. With SecureFusion Vulnerability Management, you can focus security expertise on the analysis and mitigation of risks instead of mere risk identification.

View a Demonstration of SecureFusion

Our demonstration walks you through the SecureFusion Portal, populated with actual enterprise data from asset discovery, vulnerability management, configuration management and policy management.
Request a demo

For More Information