Home About Us Products Training Professional Services News/Events Contact Us
Security Technologies
Firewall
DLP
VPN
Intrusion Prevention
Authentication
Content Security
Cryptographic Techniques
Enterprise Security Management
Vulnerability Management
Secure Web Gateway
Security Architectures
Secure Internet Perimeter
Secure Remote Access
Identity & Access Management
Internal Security
 
Qualys

VULNERABILITY MANAGEMENT

Vulnerability Assessment is an essential component of an effective security program. VA initially provides discovery and security baseline data, and periodic rescanning provides updated data for vulnerability management, trending and compliance reporting. VA tools provide a bottom-up security baseline for the IT environment from a database of known vulnerabilities. There are three approaches to VA: active network scanning, passive observation of network traffic and persistent agents. The most-accurate scanning requires credentialed access (over the network or via an agent).

IT security organizations require a network-based approach that can accurately discover and evaluate vulnerabilities on managed and unmanaged systems. However, for VA data to be used to improve security and satisfy audit requirements, there must be strong prioritization capabilities and reporting with three orientations: security (vulnerability and threat-focused), operations (remediation-focused) and audit (risk and remediation trending). Organizations also will need to implement the vulnerability management life cycle if they want to use VA to make the environment more secure.

McAfee Vulnerability Manager Qualys GUARD
Identify risk exposures and policy violations. Prioritize resources. Reduce risk. IT Security and Compliance Delivered as a Service

Which threats and vulnerabilities require your attention? Which policies have been violated? Quickly and accurately find and prioritize vulnerabilities and violations on your networked systems with McAfee Vulnerability Manager. Meet PCI DSS quarterly scan requirements with McAfee PCI Certification Services. McAfee is a PCI Approved Scanning Vendor (ASV).

Qualys' on demand approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively, while reducing costs and streamlining operations. Using an innovative Software as a Service (SaaS) approach, the QualysGuard® Security and Compliance Suite combines Qualys' industry leading vulnerability management service with a comprehensive IT compliance solution.
Copyright © Provision Software Division 2005. All rights reserved.