Vulnerability Management Systems

Vulnerability Management System

Are you uncertain if the assets of your information infrastructure may contain a vulnerability resulting from a incompatible configuration or the absence of security updates? If so, we would like to recommend an implementation of a VMS tool (Vulnerability Management System) thanks to which you will gain a crucial overview of the risks related to the individual components of your network.

 

We take care of your security holes

One big energy corporation took advantage of dozens of platforms for its applications. It faced the problem of securing them, because the audit required lots of human resources. The company addressed AEC to create individual documentation for 15 of the most widely-used platforms.

Within AEC we made standards for the security setting (so-called hardening) so they would suit the required high-level of security. These methodologies helped the company manage its suppliers with the applications' adjustment. After managing the successful project we were entrusted to prepare new standards for forty more platforms.

Due to the huge amount of administrated technologies, we proposed the implementation of a tool for vulnerability management (VMS) that makes automated checks of compliance with security standards, and began to supply uncluttered reporting, thereby saving the customer on other human resources.

The solution's description

Continuous technology of the security vulnerability monitoring in the network identifies the missing patches, vulnerable configurations of services, network components, and other vulnerabilities (servers, end devices, active components, DB and APP servers).

Vulnerability Management Systems are easily integrated into various SIEM systems. Part of these solutions is of course a proposal and best practices, due to which the administrators get the instant instructions how to remedy the risks found.

This technology brings you not only an instant overview of riskiness and vulnerability of your network, but due to the flexible and fully customized reporting, you can gain grounds for e.g. the audit purposes, or for CSO. Another significant advantage is savings on the internal FTE, which are spent on the manual implementation of such tests in most companies.

There are many reasons for solving this matter

  • High internal costs on activities regarding security tests carried out manually;
  • disorganized or zero reporting for various levels of company's management;
  • unknown riskiness of the network and its components;
  • legislative requirements;
  • fulfillment of various security standards;
  • tests' automation;
  • verification of patch management.

Key benefits of the VMS implementation

  • Flexible, scalable, comprehensible and fully configured reporting for various levels of network;
  • savings on internal costs due to automated tests;
  • grounds for audit;
  • compliance with various international standards;
  • automated patch audit;
  • nonstop network monitoring, that monitors even newly involved assets and place them under its scans.

References

We have years of experience in the implementation of numerous projects for leading organizations in their branches such as:
  • Česká pošta
  • Telefonica O2