Overview

The globalization of business operations, as well as the adoption of mobile and cloud-based technologies have resulted in a complex IT environment with increasing threat surface areas and vulnerabilities. To counter the threats, and comply with industry regulations, many organizations leverage vulnerability scanners, as well as Data Loss Prevention (DLP) and Security Information and Event Management (SIEM) tools.

However, there are multiple challenges involved when it comes to aggregating, standardizing, and correlating threat and vulnerability data, as well as prioritizing and tracking remediation activities. Most systems for vulnerability management, patch management, ticketing, and change management operate in silos. This approach makes it difficult for enterprises to track and resolve vulnerabilities. It also limits top-level visibility into the effectiveness of the vulnerability management systems and processes. Hence, many organizations are adopting a disciplined and integrated approach to discover, prioritize, and remediate threats and vulnerabilities.

Download Factsheet

MetricStream Threat and Vulnerability Management App

The MetricStream Threat and Vulnerability Management (TVM) App helps you aggregate, prioritize, track, and remediate information security threats and vulnerabilities in an efficient and collaborative manner. The app delivers a combined risk rating for business assets by combining the vulnerability rating with the asset criticality rating.

A built-in integration engine imports and consolidates threat and vulnerability information from various sources, thereby providing a unified view of the data. In addition, a centralized repository helps map threat and vulnerability data to assets and other business entities, enabling you to clearly visualize your information security program library (assets, asset classes, areas of compliance, and their relationships).

Through the app, remediation tasks can be defined and implemented easily. At each stage, automatic notifications can be set out to the responsible personnel with comprehensive details on each threat or vulnerability, including the source, affected technologies, available controls, and possible remediation instructions.

 

Why MetricStream TVM App

  • Integrates with Vulnerability Scanning Tools

    Provides a built-in integration engine to import vulnerability data from multiple third-party tools such as QualysGuard and Nessus; delivers comprehensive visibility into vulnerabilities across the enterprise

  • Supports the Creation of a Centralized TVM Library

    Helps build a library for threat and vulnerability management which documents areas of compliance, asset classes, and assets, as well as the relationships across these data elements

  • Prioritizes Vulnerabilities

    Combines an asset’s vulnerability severity rating with its business criticality rating to provide a consolidated risk rating; provides a comprehensive view of the top vulnerabilities and related risks

  • Streamlines Issue and Remediation Management

    Helps identify and track issues arising from threats and vulnerabilities; captures issue type, priority, rating, impact, and likelihood; enables the issue to be remediated in a timely manner

  • Provides “Early Warnings” or Notifications from Threat Advisories

    Leverages threat advisories to provide comprehensive details on each threat, including the CVE ID, source, affected technologies, available controls, and possible remediation; enables users to respond effectively to contain the threat

  • Transforms Vulnerability Data into Actionable Risk Intelligence

    Provides powerful dashboards, reports, and analytics that convert vulnerability data into actionable risk intelligence to support decision-making

Overview of STVM Activities

M7 Platform Highlights

  • 1

    Engaging and Personalized User Experience
    Makes the threat and vulnerability management process simple, context-sensitive, and personalized for each user; facilitates an intuitive and engaging user experience

  • 2

    Configurability
    Supports app configurations and extensions in an upgrade-safe and scalable manner through the MetricStream AppStudio configuration framework; helps the organization adapt to change quickly

  • 3

    Reporting and Analytics
    Delivers powerful visualization tools and analytics to manage and monitor threat and vulnerability management trends, data relationships, and actions in real time across the extended enterprise

  • 4

    Lean and Robust Architecture
    Is built on a lean, modern, scalable, and extensible architecture that enables the global digital enterprises of today to seamlessly scale up and support new users, while also adding new apps and solutions to meet changing organizational needs

Vulnerabilities

Features

  • Centralized Asset Library

    Create, document, and manage IT assets, asset classes, and areas of compliance. Consolidate assets in a common library, leveraging out-of-the-box connectors with Configuration Management Databases (CMDBs) such as BMC Atrium and ServiceNow. Map IT assets to business entities, threats, and vulnerabilities. Manage and view these relationships easily using the data browser or data explorer.

  • Consolidation of Threat Intelligence

    Stay on top of threats and vulnerabilities before they are discovered in business assets by creating and subscribing to RSS or email-based threat alerts or channels of interest from leading industry sources. Filter threat alerts by keywords, and trigger threat remediation workflows for prioritized threats.

  • Combined Risk Rating and Vulnerability Prioritization

    Import vulnerability data from multiple third-party vulnerability scanning tools such as QualysGuard and Nessus. Configure risk-rating rules (via. the GRC rules engine) to combine an asset’s vulnerability severity rating with its business criticality rating. Generate a Combined Risk Rating (CRR), thereby providing a rich business and vulnerability context for vulnerability prioritization. Based on the combined risk rating, prioritize vulnerability remediation strategies, and trigger the remediation workflow. Leverage pre-defined templates and rules to automate vulnerability remediation.

  • Issue / Incident and Remediation Management

    Manage and resolve issues or incidents arising from threat and vulnerability management. Enable real-time tracking of these issues or incidents across the enterprise. Also, facilitate cross-functional collaboration and communication on issue investigation and remediation tasks.

    Identify issues for remediation and/or disclosure, and assign them to the relevant owners. Define the issue type, priority, rating, impact, and likelihood. Auto-trigger incidents, and determine the incident priority, urgency, and impact. Also, define remediation rules, and trigger a systematic mechanism of remediation through the underlying workflow and collaboration engine.

  • Threat and Vulnerability Reporting

    Generate real-time intelligence on threats and vulnerabilities, along with historical information, statistics, and trends through graphical dashboards and reports. Gain a 360º view of your organization’s threat and vulnerability posture, and drill down to view the content at finer levels of detail. Use key metric cards and issue or incident status charts to quickly view the current status of your threat and vulnerability management program.

Threat Feeds

Request a demo Download RFP Template Pricing Contact