In addition to solutions that serve to detect and manage attacks as they occur, powerful vulnerability management with lean and efficient processes is needed to actively prevent attacks. This is exactly why we developed VAREDY, our vulnerability management platform. VAREDY helps security managers and IT professionals to automate and simplify their vulnerability management processes.
Typically, organizations rely on tool-based, periodic vulnerability scans to detect vulnerabilities. Scanners check systems for an immense repertoire of possible vulnerabilities. The industry standard CVE (Common Vulnerabilities and Exposure), with almost 200,000 entries, which is constantly being expanded, serves as the basis. The scan output is a list of variants of how a particular software installation or configuration on a system can be exploited. The method and difficulty level of exploiting a vulnerability influence the priority with which a vulnerability should be remediated. The larger the IT landscape in scope and the older and heterogeneous the systems, the more difficult it is to identify precisely these cases. Furthermore, although vulnerability reports provide a basis, they do not help with the subsequent processes for eliminating vulnerabilities.
This is where our SaaS solution VAREDY comes into play. It helps security managers and IT professionals to automate and simplify their vulnerability management processes. For this, VAREDY processes data from common vulnerability scanners by vendors such as Tenable or Rapid7, as well as from the asset inventory. VAREDY classifies detected vulnerabilities according to their underlying cause, aggregates them and translates them into compact, actionable remediation tasks. Plus, each remediation task is enriched with practical recommendations based on proven best practices and established vulnerability management methods.
