The globalization of business operations, as well as the adoption of mobile and cloud-based technologies have resulted in a complex IT environment with increasing threat surface areas and vulnerabilities. To counter the threats, and comply with industry regulations, many organizations leverage vulnerability scanners, as well as Data Loss Prevention (DLP) and Security Information and Event Management (SIEM) tools.
However, there are multiple challenges involved when it comes to aggregating, standardizing, and correlating threat and vulnerability data, as well as prioritizing and tracking remediation activities. Most systems for vulnerability management, patch management, ticketing, and change management operate in silos. This approach makes it difficult for enterprises to track and resolve vulnerabilities. It also limits top-level visibility into the effectiveness of the vulnerability management systems and processes. Hence, many organizations are adopting a disciplined and integrated approach to discover, prioritize, and remediate threats and vulnerabilities.Download Fact Sheet
MetricStream Threat and Vulnerability Management App
The MetricStream Threat and Vulnerability Management (TVM) App helps you aggregate, prioritize, track, and remediate information security threats and vulnerabilities in an efficient and collaborative manner. The app delivers a combined risk rating for business assets by combining the vulnerability rating with the asset criticality rating.
A built-in integration engine imports and consolidates threat and vulnerability information from various sources, thereby providing a unified view of the data. In addition, a centralized repository helps map threat and vulnerability data to assets and other business entities, enabling you to clearly visualize your information security program library (assets, asset classes, areas of compliance, and their relationships).
Through the app, remediation tasks can be defined and implemented easily. At each stage, automatic notifications can be set out to the responsible personnel with comprehensive details on each threat or vulnerability, including the source, affected technologies, available controls, and possible remediation instructions.
Why MetricStream TVM App
Integrates with Vulnerability Scanning Tools
Provides a built-in integration engine to import vulnerability data from multiple third-party tools such as QualysGuard and Nessus; delivers comprehensive visibility into vulnerabilities across the enterprise
Supports the Creation of a Centralized TVM Library
Helps build a library for threat and vulnerability management which documents areas of compliance, asset classes, and assets, as well as the relationships across these data elements
Combines an asset’s vulnerability severity rating with its business criticality rating to provide a consolidated risk rating; provides a comprehensive view of the top vulnerabilities and related risks
Streamlines Issue and Remediation Management
Helps identify and track issues arising from threats and vulnerabilities; captures issue type, priority, rating, impact, and likelihood; enables the issue to be remediated in a timely manner
Provides “Early Warnings” or Notifications from Threat Advisories
Leverages threat advisories to provide comprehensive details on each threat, including the CVE ID, source, affected technologies, available controls, and possible remediation; enables users to respond effectively to contain the threat
Transforms Vulnerability Data into Actionable Risk Intelligence
Provides powerful dashboards, reports, and analytics that convert vulnerability data into actionable risk intelligence to support decision-making
M7 Platform Highlights
Engaging and Personalized User Experience
Makes the threat and vulnerability management process simple, context-sensitive, and personalized for each user; facilitates an intuitive and engaging user experience
Supports app configurations and extensions in an upgrade-safe and scalable manner through the MetricStream AppStudio configuration framework; helps the organization adapt to change quickly
Reporting and Analytics
Delivers powerful visualization tools and analytics to manage and monitor threat and vulnerability management trends, data relationships, and actions in real time across the extended enterprise
Lean and Robust Architecture
Is built on a lean, modern, scalable, and extensible architecture that enables the global digital enterprises of today to seamlessly scale up and support new users, while also adding new apps and solutions to meet changing organizational needs
Centralized Asset Library
Create, document, and manage IT assets, asset classes, and areas of compliance. Consolidate assets in a common library, leveraging out-of-the-box connectors with Configuration Management Databases (CMDBs) such as BMC Atrium and ServiceNow. Map IT assets to business entities, threats, and vulnerabilities. Manage and view these relationships easily using the data browser or data explorer.
Consolidation of Threat Intelligence
Stay on top of threats and vulnerabilities before they are discovered in business assets by creating and subscribing to RSS or email-based threat alerts or channels of interest from leading industry sources. Filter threat alerts by keywords, and trigger threat remediation workflows for prioritized threats.
Combined Risk Rating and Vulnerability Prioritization
Import vulnerability data from multiple third-party vulnerability scanning tools such as QualysGuard and Nessus. Configure risk-rating rules (via. the GRC rules engine) to combine an asset’s vulnerability severity rating with its business criticality rating. Generate a Combined Risk Rating (CRR), thereby providing a rich business and vulnerability context for vulnerability prioritization. Based on the combined risk rating, prioritize vulnerability remediation strategies, and trigger the remediation workflow. Leverage pre-defined templates and rules to automate vulnerability remediation.
Issue / Incident and Remediation Management
Manage and resolve issues or incidents arising from threat and vulnerability management. Enable real-time tracking of these issues or incidents across the enterprise. Also, facilitate cross-functional collaboration and communication on issue investigation and remediation tasks.
Identify issues for remediation and/or disclosure, and assign them to the relevant owners. Define the issue type, priority, rating, impact, and likelihood. Auto-trigger incidents, and determine the incident priority, urgency, and impact. Also, define remediation rules, and trigger a systematic mechanism of remediation through the underlying workflow and collaboration engine.
Threat and Vulnerability Reporting
Generate real-time intelligence on threats and vulnerabilities, along with historical information, statistics, and trends through graphical dashboards and reports. Gain a 360º view of your organization’s threat and vulnerability posture, and drill down to view the content at finer levels of detail. Use key metric cards and issue or incident status charts to quickly view the current status of your threat and vulnerability management program.