Vulnerability Management

Vulnerability ManagementAs assets including hardware, operating systems, and others, are readily managed through TrustedAgent, organizations can also import vulnerability scanning results from vulnerability scanning tools into TrustedAgent. Identified vulnerabilities can be linked to the impact assets for managing remediation. Integration eliminates replication of effort and errors, and ensures that risk posture of assets is monitored and secured to address the requirements of continuous monitoring program.

Highlighted Features supporting Vulnerability Management

  • Conduct or Import Scans :: Import XML (SCAP-compliant) results of many leading-industry vulnerability and web scanning tools such as Tenable Nessus, IBM AppScan, and others. Using connectors, identified vulnerabilities can be quickly transferred/imported to TrustedAgent for risk remediation until closure, saving significant time. The list of ongoing collection of available connectors can be viewed here.
  • Streamline Vulnerability Reconciliation :: Rapidly identify new vulnerabilities from recurring vulnerabilities and vulnerabilities under remediation, eliminating tedious and error-prone manual reconciliation of vulnerabilities. Link vulnerabilities to finding reports and to impacted assets.
  • Scan Result Analysis :: Triage and analyze imported vulnerabilities directly withjin TrustedAgent. Review vulnerabilities and prioritize remediation based on the risk level (using either quantitative or qualitative method (CVSS or a risk level varying from very low to very high).
  • Vulnerability Remediation :: Manage remediation to completion or closure with built-in corrective action workflow. Gain visibility to remediation progress through the corrective action dashboard.
  • Verification of Remediation Effectiveness :: Confirm effectiveness with a new scan, and manage closure of pending verification corrective actions.
  • Vulnerability Dashboard and Reporting :: Comprehensive drill-down of vulnerabilities, by asset type, by product and vendor, and their remediation by risk level and remediation status. Automate the reporting of vulnerabilities into regulatory and compliance reports using built-in content markers.

Back to top

Scroll To Top