Continuous Vulnerability Management
Close the gaps between security
assessments and significantly reduce risk.
Continuous Vulnerability Management Lifecycle
Automated asset identiﬁcation and categorization
Knowing what’s active in a global hybrid-IT environment is fundamental to security. Continuous Vulnerability Management enables customers to automatically discover and categorize known and unknown assets, continuously identify unmanaged assets, and create automated workﬂows to manage them effectively. After the data is collected, customers can instantly query assets and any attributes to get deep visibility into hardware, system conﬁguration, applications, services, network information, and more.
Real-time vulnerability and misconﬁguration detection
Continuous Vulnerability Management enables customers to automatically detect vulnerabilities and critical misconﬁgurations per CIS benchmarks, broken out by asset. Misconﬁgurations, unlike vulnerabilities, do not have formal CVE IDs associated, which can leave assets out of compliance and vulnerable to attack. Continuous Vulnerability Management continuously identiﬁes critical vulnerabilities and misconﬁgurations on the industry’s widest range of devices, operating systems, and applications.
Automated remediation prioritization with context
Continuous Vulnerability Management uses real-time threat intelligence and machine learning models to automatically prioritize the vulnerabilities posing the most signiﬁcant risk to your organization. Indicators, such as Exploitable, Actively Attacked, and High Lateral Movement, bubble up current vulnerabilities that are at risk while machine learning models highlight vulnerabilities most likely to become severe threats, providing multiple levels of prioritization. Further prioritize remediation by assigning a business impact to each asset, like devices that contain sensitive data, mission-critical applications, public-facing, accessible over the internet, etc.
Patching and remediation at your fingertips
After prioritizing vulnerabilities by risk, Continuous Vulnerability Management rapidly remediates targeted vulnerabilities, across any size environment, by deploying the most relevant superseding patch. Additionally, policy-based, automated recurring jobs keep systems up to date, providing proactive patch management for security and non-security patches. This significantly reduces the vulnerabilities the operations team must chase down as part of a remediation cycle.