CA Vulnerability Manager r8.3



Similar documents
CA Service Desk Manager

CA Configuration Management Database (CMDB)

Simply Sophisticated. Information Security and Compliance

IBM Security QRadar Vulnerability Manager

Operational Efficiencies of Proactive Vulnerability Management

Can CA Information Governance help us protect and manage our information throughout its life cycle and reduce our risk exposure?

SOLUTION BRIEF: CA IT ASSET MANAGER. How can I reduce IT asset costs to address my organization s budget pressures?

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

Extreme Networks Security Analytics G2 Vulnerability Manager

How can Identity and Access Management help me to improve compliance and drive business performance?

Effective Threat Management. Building a complete lifecycle to manage enterprise threats.

Leveraging Privileged Identity Governance to Improve Security Posture

CA NSM System Monitoring. Option for OpenVMS r3.2. Benefits. The CA Advantage. Overview

Continuous Network Monitoring

Leveraging a Maturity Model to Achieve Proactive Compliance

Total Protection for Compliance: Unified IT Policy Auditing

How To Buy Nitro Security

CA Tape Encryption Key Manager

IPLocks Vulnerability Assessment: A Database Assessment Solution

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

Security. Security consulting and Integration: Definition and Deliverables. Introduction

How To Monitor Your Entire It Environment

Cisco Advanced Services for Network Security

IBM Security QRadar Risk Manager

IBM Security QRadar Risk Manager

Enforcive / Enterprise Security

CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes.

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

1 Introduction Product Description Strengths and Challenges Copyright... 5

Vulnerability Management

CA Message Manager. Benefits. Overview. CA Advantage

QRadar SIEM and FireEye MPS Integration

CA Service Desk On-Demand

FIREMON SECURITY MANAGER

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Simplify Your Windows Server Migration

Payment Card Industry Data Security Standard

Lumension Endpoint Management and Security Suite

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Sarbanes-Oxley Compliance for Cloud Applications

How To Manage Security On A Networked Computer System

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

LOG INTELLIGENCE FOR SECURITY AND COMPLIANCE

IBM Tivoli Compliance Insight Manager

Symantec Control Compliance Suite. Overview

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Strengthen security with intelligent identity and access management

Symantec Control Compliance Suite Standards Manager

Network Security and Vulnerability Assessment Solutions

LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE

Symantec Cyber Security Services: DeepSight Intelligence

IT Security & Compliance. On Time. On Budget. On Demand.

Breaking down silos of protection: An integrated approach to managing application security

LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE

Hope is not a strategy. Jérôme Bei

CA Database Performance

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

CA IT Client Manager

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations

Best Practices for Building a Security Operations Center

Reducing the cost and complexity of endpoint management

CA IT Client Manager Asset Inventory and Discovery

IBM SECURITY QRADAR INCIDENT FORENSICS

How To Protect Your Network From Attack From A Network Security Threat

Extreme Networks Security Analytics G2 Risk Manager

SELECTING THE RIGHT HOST INTRUSION PREVENTION SYSTEM:

Secunia Corporate Software Inspector (Secunia CSI) ver.5.0

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Vistara Lifecycle Management

IBM QRadar Security Intelligence April 2013

FISMA Compliance: Making the Grade

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

Boosting enterprise security with integrated log management

can you improve service quality and availability while optimizing operations on VCE Vblock Systems?

Intel Security Certified Product Specialist Security Information Event Management (SIEM)

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

CA Records Manager. Benefits. CA Advantage. Overview

QRadar SIEM 6.3 Datasheet

effective performance monitoring in SAP environments

PCI DSS Reporting WHITEPAPER

EnCase Enterprise For Corporations

Three significant risks of FTP use and how to overcome them

Cyber Security Services: Data Loss Prevention Monitoring Overview

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

CA Anti-Virus r8.1. Benefits. Overview. CA Advantage

Avoiding the Top 5 Vulnerability Management Mistakes

Leveraging Network and Vulnerability metrics Using RedSeal

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

CA Repository for Distributed. Systems r2.3. Benefits. Overview. The CA Advantage

Kaseya IT Automation Framework

PCI DSS Top 10 Reports March 2011

PATCH MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

10 Steps to Establishing an Effective Retention Policy

Symantec Messaging Gateway 10.6

Symantec Messaging Gateway 10.5

IBM Security Intelligence Strategy

Real-Time Security for Active Directory

Optimizing Network Vulnerability

Transcription:

PRODUCT BRIEF: CA VULNERABILITY MANAGER CA Vulnerability Manager r8.3 CA VULNERABILITY MANAGER PROTECTS ENTERPRISE SYSTEMS AND BUSINESS OPERATIONS BY IDENTIFYING VULNERABILITIES, LINKING THEM TO CRITICAL BUSINESS ASSETS AND PROVIDING STEPS FOR REMEDIATION. Overview Benefits CA Advantage Today s enterprise security organization needs to mitigate the risk that threatens critical business operations.ca Vulnerability Manager enables you to identify vulnerabilities, link them to the business assets they affect and remedy them. CA Vulnerability Manager enables you to simplify and streamline the complex process of risk mitigation, work with up-to-date vulnerability information, control costs and meet compliance obligations. By managing and mitigating risk, you protect critical business systems and help ensure ongoing business operations. The distinctive, asset-based vulnerability management approach employed by CA Vulnerability Manager addresses every aspect of system vulnerabilities with a single tool. As the vulnerability management component in the CA Security Information Management solution, CA Vulnerability Manager contributes to the larger CA vision of Enterprise IT Management (EITM). Its goal: to simplify and unify IT management across the enterprise.

CA Vulnerability Manager Uses Asset-Based Vulnerability Assessment to Secure Your Enterprise Vast and increasing numbers of vulnerabilities in your software open the door to malicious attacks that can disrupt critical business systems. To prevent such disruptions means finding and fixing vulnerabilities before someone exploits them. To achieve this herculean feat requires knowledge: Know Your Assets Identify the technologies running on them and how critical those assets are to business continuity Know Your Vulnerabilities Identify, research and validate vulnerabilities and determine their relationship to business-critical assets Know Your Organization s Security Risk Posture Identify those assets that must be protected immediately Know the Remedy Establish the best practice for protecting your systems from a given vulnerability Know Whether the Vulnerability Has, in Fact, Been Fixed Determine if the remediation was implemented, if it worked, and preserve this information for compliance records You can gain the knowledge you need with a single, comprehensive tool CA Vulnerability Manager. Its unique, asset-based vulnerability assessment approach gives you visibility into every platform and application in your IT infrastructure. This visibility, along with key features, enables you to mitigate risk and helps ensure business continuity. Key Features ASSET-BASED VULNERABILITY ASSESSMENT Using asset-based vulnerability assessment, you gain a comprehensive picture of your assets, new and existing. You can find new assets with Asset Discovery, by non-intrusively scanning within a specified IP range and gathering highlevel information, such as the IP address, host name and operating system. The discovery process can be run on an ad-hoc or scheduled basis. Asset Inventory enables you to perform either a scheduled or an on-demand inventory, identifying the technologies running on your asset down to a patch level. You can then group the assets, classify their risk level and assign administrative privileges. RISK-PRIORITIZED TASK MANAGEMENT System administrators can prioritize tasks according to risk, helping to ensure that the most critical vulnerabilities are handled first. They can determine how a known vulnerability will affect any given asset with vulnerability-to-asset correlation, which automatically compares your asset inventory data to a validated vulnerability database provided by CA. Once vulnerability is established, remediation instructions define the correct action to take apply a patch, change a configuration setting, implement a shielding tactic or apply a complex patch fix. The instructions also provide manual remediation instructions when automated patch delivery is not feasible. You can assign status and track manual remediation. 2 PRODUCT BRIEF: CA VULNERABILITY MANAGER

After remediation occurs for an asset, you can review the disposition status of the remedy with tracking methods provided by CA Vulnerability Manager. This includes administrative notes that detail remediation progress and verify completion of the work essential for audit and compliance purposes. VALIDATED SECURITY INFORMATION You can further secure your assets by leveraging the abilities of the CA Security Advisory team, a global network that researches, assembles and validates security risks through a patent-pending process that supports proactive risk management. This process reduces or eliminates false positives, enabling your administrators to focus on the real threats to your IT environment. The content and code in the vulnerability database are updated automatically. As new vulnerabilities are downloaded, the data is correlated and the risk-prioritized task list is dynamically updated. The latest code enhancements are automatically applied during a userdefined maintenance window, creating hands-off software maintenance. REPORTING CAPABILITIES Through a variety of reports, you gain a comprehensive understanding of your security posture and can measure risk. Enterprise-Wide Reporting reports risk exposure in real time and details progress toward mitigation Top 10 Reports lists the Top 10 assets most at risk according to their protection rating On Demand Queries you define the queries through an easy-to-use query wizard. Results can be exported to CSV-compatible tools. ADMINISTRATIVE MANAGEMENT CAPABILITIES You simplify administering assets and managing their risks with CA Vulnerability Manager. You can group assets, which can be automatically defined based on parameters such as location, role in the network, or value to the enterprise. You can then assign a protection rating to each asset group, based on its importance to your business. You can further protest assets with pre-defined user roles and permissions. Each user can be assigned to a specific asset group, giving them access only to those assets and task lists they manage. Global updates enable you to make a single administrative change to multiple assets, such as changing an asset group designation or deleting a group of assets. System administrators can close tasks across multiple asset groups, creating efficiencies in the daily routine. You can also define a global status for a specific vulnerability across the enterprise. The Bigger Security Picture The information gained by knowing your assets and vulnerabilities and the relationships between them is put to good use in more ways than one. You can view the data and reports generated by CA Vulnerability Manager along with information from other security products, events and processes through the CA Security Command Center (CA SCC). CA SCC also accepts event notifications and correlates them with security incidents discovered by other real-time devices. This comprehensive view of disparate security data enables you to take corrective action and run investigations through a single, centralized command and control center. PRODUCT BRIEF: CA VULNERABILITY MANAGER 3

How CA Vulnerability Manager Works CA Vulnerability Manager facilitates risk mitigation by initially conducting a scheduled asset inventory where system data is collected. The data is then correlated with known vulnerabilities and compiled into a prioritized task list that defines your most critical vulnerabilities. Remediation instructions detail the appropriate corrective action and verification is provided to measure progress toward enterprise risk mitigation. CA Vulnerability Manager displays information through a home page dashboard and user interface. It highlights the Top 10 high-risk assets, new vulnerabilities and a summary of your organization s overall security risk. A task list search feature enables you to drill down to more detailed information. CA Vulnerability Manager supports Windows operating systems, embedded applications, UNIX and Linux. FIGURE A CA Vulnerability Manager correlates data from your software with known vulnerabilities. THE CA VULNERABILITY MANAGER PROCESS 4 PRODUCT BRIEF: CA VULNERABILITY MANAGER

Vulnerability Mitigation Helps Ensure Business Operations CA Vulnerability Manager enables you to: simplify and streamline the mitigation process, from data collection through reporting; work with up-to-date information when dealing with emerging and evolving vulnerabilities; control costs; and meet compliance requirements. Most importantly, you acquire the knowledge you need about system assets and vulnerabilities that enables you to mitigate risk and help ensure business operations. Simplify and Streamline CA Vulnerability Manager enables you to simplify the complex and time-consuming processes required to mitigate risk. Automated asset discovery and inventory, correlation to vulnerabilities and prioritization of tasks help you streamline daily routines. Your security personnel can focus on other critical duties a valuable commodity given the demands on today s IT organizations. Up-to-Date Information Because vulnerabilities evolve and new threats constantly emerge, up-to-date information is critical to successful mitigation. Based on hourly or daily updates, IT is aware of new threats to enterprise operations and can take the correct action to remedy the situation. Control Costs You can control costs by off-loading to the CA Security Advisory Team the task of researching and validating new vulnerabilities. Once those vulnerabilities are in your database, CA Vulnerability Manager automatically determines which machines are vulnerable and prioritizes fixes based on your business priorities. Meet Compliance Requirements You can provide auditors solid documentation to help meet compliance and regulatory requirements with CA Vulnerability Manager tracking and reporting capabilities. You can prove that you know what your risks are and show that steps have been taken to mitigate them. CA Advantage CA Vulnerability Manager enables you to manage vulnerabilities before they can be exploited. As an integral part of the CA Security Information Management (CA SIM) solution, CA Vulnerability Manager integrates easily with other security products, including CA SCC, moving you closer to comprehensive IT management across the enterprise. CA Vulnerability Manager is an integral part of CA s Security Information Management solution, and an important part of EITM CA s overall approach to transforming IT management. CA unifies and simplifies IT management across the enterprise for greater business results. PRODUCT BRIEF: CA VULNERABILITY MANAGER 5

CA Technology Services and our partners can help you assess your current IT situation, define your goals and implement solutions to gain measurable results. To keep your CA solutions operating at peak performance, CA support delivers unparalleled technical and customer support worldwide, and we offer training and certification through CA Education. Next Steps CA Vulnerability Manager, with its distinctive asset-based vulnerability assessment approach, simplifies the complex process of managing vulnerability and ensures the continuity of business operations while controlling costs and contributing to compliance efforts. To learn more, and see how CA software solutions enable organizations to unify and simplify IT management for better business results, visit ca.com/products. Copyright 2007 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. PB05VMGR01E MP314730407 Learn more about how CA can help you transform your business at ca.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information