Symantec Risk Automation Suite
SRAS automates and orchestrates enterprise IT security and risk management. SRAS simplifies and integrates network discovery, baseline configuration management and vulnerability management enabling reporting for enterprise risks and regulatory compliance. It offers flexible agent-based or agent-less data gathering options across multiple hardware and software platforms. SCAP validated, enterprise proven.
WHITE PAPER
Addressing the Consensus Audit Guidelines (CAG) with the Symantec Risk Automation Suite (RAS)
The Consensus Audit Guidelines are aimed at addressing the most effective countermeasures in cyber- security. A consensus among multiple industry experts, the CAG was developed with the intent to help defend our nation’s intelligence and information infrastructures. It reflects 20 key control areas – a list that resulted from the collaborative work of federal CIOs, CISOs, DoD Blue Team members, FBI cybercrime teams, and forensic experts. The CAG is viewed as
an effective guide for blocking well-known, high-priority attacks across government infrastructures.
Read the white paper
What are Agents, Options and Add-ons
Add-ons are additional products that work with the original product.
Add-ons
Asset Discovery
The Asset Discovery module performs a continuous network and asset inventory via high-speed unauthenticated network scans, delivering the results to the Risk Automation Suite portal for automatic asset classification, categorization and alignment with critical systems to support the C&A process. Analytics within the portal identify rogue networks and hosts, and enable quick network leak detection and mitigation.
- Asynchronous scanning allows a single scanner to scan up to 50,000 assets per day.
- A single integrated discovery orchestrates multiple security processes: Configuration Auditing, Vulnerability Scans, Inventory of Devices and Software.
- Continuous process that meets and exceeds Cyberscope inventory reporting requirements for US Govt. Departments and Agencies.
Show MoreShow Fewer
Configuration Management
The Configuration Management module continuously audits the status of technical controls across the IT environment, including installed software, file sharing, user access, system patches and end-user controlled security settings. The module employs a lightweight process that helps gather critical compliance information without impacting IT operations or making changes to existing systems.
- SCAP Validated
- FDCC Scanner
- Authenticated Configuration Scanner
- Misconfiguration Database
- CCE
- CVSS
Includes out of the box policies for FDCC, STIGS, HIPAA, and customer specific policies as well.
Vulnerability Management
The Vulnerability Management module controls the scans for thousands of known vulnerabilities in operating systems, infrastructure, network applications and databases. The module offers management and workflow capabilities to speed and automate the entire vulnerability management lifecycle.
- SCAP Validated
- Authenticated Vulnerability and Patch Scanner
- Vulnerability Database
- CVE
- CVSS
Support for command and control over CCS VM, and 3rd party vulnerability scanners.
