Find, isolate, and fix the holes fast.
Finding, verifying, and fixing vulnerabilities is a constant battle for the security analyst. And treating vulnerability assessment as a separate function in an overall security management program delays remediation efforts.
Rapidly removing application and device vulnerabilities is the single most effective way to improve your security posture and reduce risk across your enterprise. The quickest path to vulnerability mitigation is through automating and integrating the discovery and validation process.
Through automated and real-time cross-correlation of vulnerability findings, network traffic analysis, and detailed asset information, AlienVault filters through the noise of false positives and allows you to focus on closing those holes that truly matter.
Continuous vulnerability monitoring and assessment
AlienVault’s built-in vulnerability assessment functionality provides a continuous means for identifying insecure configurations, unpatched and unsupported software. AlienVault USM provides various options to implement vulnerability assessment:
- Continuous vulnerability monitoring – also known as passive vulnerability detection, correlates the data gathered by asset discovery scans with known vulnerability information for improved accuracy
- Active network scanning – actively probes hosts using carefully crafted network traffic to illicit a response
- Unauthenticated scanning - without requiring host credentials, the scan will probe hosts with targeted traffic and analyze the subsequent response to determine the configuration of the remote system and any vulnerabilities in the running software
- Authenticated scanning - uses the provided access to the target host’s file system to perform more accurate and comprehensive detection of vulnerabilities by inspecting the installed software and its configuration
You can mix and match these methods as well. For example, you may wish to run authenticated scans on compliance-related assets and throttle back to passive vulnerability assessment on low risk assets where reducing network traffic matters more than validating stringent security configurations.
The best part is all of this is that you can view updated vulnerability reports, kick off scans, generate tickets, and conduct false positive analysis – all through a single console.
Request a Quote