How it Works
Software Vulnerability Management is critical to the security of organizations’ infrastructures and assets. Vulnerability Intelligence Manager combines vulnerability intelligence and management tools to support the entire Software Vulnerability Management lifecycle.
How Vulnerability Intelligence Manager Supports the Software Vulnerability Management Lifecycle
- Vulnerability information is verified and described
- Vulnerability intelligence on applications running on hardware, firmware, middleware and industrial control systems is sent to our customers
- Inventory data is used to configure asset lists, groups and alerts for correlation
- Vulnerability intelligence is correlated with your inventory for assessment of vulnerability status of over 50,000 applications
- Vulnerability intelligence and correlation allows risk assessment, decision making and distribution of tasks
- Secunia Advisories contain information about existing mitigation actions, when available
- Ticketing system and reports to track and document risk assessment and implementation of mitigation actions
How It Works
- Secunia Research monitors all information about software vulnerabilities. When a potential software vulnerability is publically disclosed, Secunia Research gets to work on verifying that it is in fact a vulnerability. Once confirmed, our experts analyze the severity and what software might be affected. Then, a standardized and 100% vendor independent Secunia Advisory is written for the vulnerability, detailing attack vector, criticality rating, impact, solution and more.
- Vulnerability Intelligence Manager customers receive software vulnerability intelligence. The Secunia Advisory is uploaded to Vulnerability Intelligence Manager, and adapted intelligence feeds are delivered to our customers, based on customized pre-configured filters, to ensure the right groups of people are alerted whenever a new vulnerability that could affect your IT infrastructure is discovered. You can customize filters according to e.g. software responsibility, compliance criteria or geography for each of the recipients in your organization.
- Personalized security alerts go out and tickets are created – via email or SMS - are then issued in real-time to the correct individual in your organization. A ticket will be created when a relevant Secunia Advisory is issued. The ticket is in effect a product–based interface and enables your organization to manage the vulnerability based on the current state of all products, vendors, and asset lists.
- Manage vulnerability intelligence based on compliance policies. Throughout the vulnerability management process you are able to generate reports. You can also configure internal compliance policy rules based on the compliance policies relevant to your organization.