Symantec recently launched a new member of the Control Compliance Suite family - Symantec Control Compliance Suite Vulnerability Manager (CCS VM). This new product will help you when you are challenged to answer questions like which databases, servers and network devices are vulnerable to hacker attacks, which Web applications are exposed to SQL injection, and cross-site scripting threats, which unmanaged devices pose a security risk to your critical systems, or which vulnerabilities should receive highest priority for remediation efforts.
How is this product working? Well, first of all, it scans host operating system, database and Web application (including AJAX and Web 2.0 applications) for vulnerabilities by using a unique vulnerability chaining mechanism to identify cumulative risks and attack vectors. As of today CCS VM provides scanning for more than 54,000 regularly updated vulnerability checks across 14,000+ vulnerabilities. It includes vulnerability content for the most popular database management systems, including MS SQL, IBM DB2, MySQL, Sybase, Informix, Oracle, PostgreSQL and others. The agent-less, native 64-bit scan engine provides high-performance scanning for faster results. In addition, a risk scoring algorithm provides insight into whether or not a vulnerability is exploitable.
In particular on Microsoft, CCS VM receive updated vulnerability checks within 24 hours of Microsoft Patch Tuesday. It included checks for Red Hat Enterprise Linux patches, and provides other applications coverage, i.e. for Adobe Flash & Reader, Cisco IOS, Mozilla Firefox, Solaris, Sun JVM, etc.
Last but not least, it is highly scalable via distributed scan engine architecture, and contains an open, standards-based integration API.
In summary, CCS VM is a comprehensive expert technology, it scans entire Web application, database and operating system stack for vulnerabilities including mechanism for vulnerability “chaining” that enables detection of hidden vulnerabilities, and confirms whether exploits actually exist or not.
So why Vulnerability Management matters? The answer is simple, investing into automating vulnerability management just pays. The recent published research by the IT Policy Compliance Group clearly shows that automating the procedures to find and fix vulnerabilities and unknown exploits in IT systems
- Reduces unexpected business downtime from IT disruptions
- Reduces the likelihood of data loss or theft
- Contributes to reductions in security and audit deficiencies in IT
- Is justified, with returns easily exceeding 150 percent annually
You can get more information about it from the attached 2 page summary of the report, or get a full copy of this and related reports from the IT Policy Compliance Group website: www.itpolicycompliance.com.
Feel free to contact me for any further question.