Visionael Corp. is expanding beyond the network management realm with a new offering designed to help network admins fix their biggest security problems first.
The Palo Alto, Calif.-based company's Security Audit software, announced today, enables network vulnerabilities to be discovered, validated, assessed and remediated quickly.
Perhaps the software's most notable feature is its ability to prioritize security problems. John Haley, Visionael's vice president of marketing, said that, by the time the average company totals the number of security issues it is facing on all of its network devices, never mind the flaws it may not be aware of, that number is typically in the hundreds, if not thousands.
The process of tracking and correcting those issues can be daunting. Haley said Visionael has witnessed how its own network-monitoring customers were struggling, not only with the flaws, but also with deciding which ones to fix first.
"There's always going to be hundreds or thousands of vulnerabilities," Haley said. "What we really do is direct customers to where they need to focus their attention."
Haley said Security Audit's processes reduce that headache to a manageable, five-step process. First, the product scans the network in search of vulnerabilities. At the top of the list are the problems that could have the most severe repercussions on the network and on the business that depends on it.
Then, Security Audit identifies how multiple vulnerabilities can be exploited to gain access to network resources. Haley, who claims the product is the only one available that analyzes the potential impact of multiple vulnerabilities, said this feature is important because it visualizes the chain of events that a hacker must create in order to gain access to a particular system.
"When it displays a critical issue, we'll show which three minor vulnerabilities make up that issue. We show the correlation of those issues in the application," Haley said.
Then, the application allows a user to assign each issue a trouble ticket number, either using its embedded ticketing system or via integration with an existing trouble ticket system, like Remedy Co.'s Action Request System (ARS).
After a particular vulnerability is addressed, Security Audit can be used to test and validate that fix by simulating a network attack against that vulnerability. This allows a user to ensure that the patch has been applied, as well as make certain that mission-critical systems are not prone to attack.
Finally, the product's reporting feature enables both business and technical users to determine which network resources are currently vulnerable and how much risk the network may be exposed to.
Pricing for Security Audit begins at $25,000. The product is available through the company and resellers in either perpetual license or subscription models.
FOR MORE INFORMATION:
Browse our Topics on network security.