top of page

   Corporate Governance (Vulnerability Risk Management – VRM – Software)

   Corporate Governance (Vulnerability Risk Management – VRM – Software)

  • Vulnerability risk management (VRM) software platforms are used by enterprises to identify and prioritize vulnerabilities in internal controls and processes, based on numerous customizable risk factors, through continuous analysis of the entire enterprise infrastructure – including: applications; cloud services; embedded components; hardware; information technology (IT) systems; internet of things (IoT); intranet; middleware; software; networks; and the like.

  • At a minimum, VRM software platforms should provide: active directory security; alerts; application scanning; artificial intelligence (AI); attack surface management; automated data collection; automated patch updating; backup data containerization; business impact risk analytics; compliance analysis; comprehensive risk ratings; contextual data analytics; customizable detection strategies; dark web intelligence; deep web intelligence; immediate detection and continuous monitoring of all assets from the moment they are plugged into the network; industry-specific compliance benchmarks; key performance indicator (KPI) analytics; machine learning (ML); massive and continuously-updated risk database; massive and continuously-updated vendor and supplier database; massive and continuously-updated threat database; managed cloud monitoring; managed detection and response (MDR); managed risk; managed security awareness; malware scanning; notifications; predictive algorithms; pen testing; prioritization rules; real-time threat intelligence; remediation workflows; reporting; risk assessment templates; risk factor analytics; risk modeling techniques; risk playbooks; risk posture insights; risk-based approach to vulnerability management; security assessment questionnaire templates; service level agreement (SLA) analytics; threat playbooks; virus scanning; vulnerabilities assessments in the context of business risks; vulnerabilities mapping.

  • Procurement, recommendation, research, sourcing, specification, testing and use of various VRM software platforms, such as: Arctic Wolf; Autobahn Security; Balbix; BMC Helix Automation Console; BMC Helix Remediate; CODA Footprint; Covail Vulnerability Management; edgescan; Faraday Platform; Farsight; Frontline Vulnerability Manager; Holm Security VMP (Vulnerability Management Platform); Holm Security VMP; InsightVM; Kenna Security; ManageEngine Vulnerability Manager Plus; NopSec Unified VRM; Nucleus; Qualys Cloud Platform; Qualys VMDR; RankedRight; Resolver; RiskSense RBVM; SanerNow; SecureVia Vulnerability and Compliance Scan; Secureworks Taegis VDR; ServiceNow Security Operations; Skybox Vulnerability Control; Strobes VM365; Tenable.ad; Tenable.io; Tenable.sc; Tripwire IP360; TrueSight Vulnerability Management; Vicarius; Vulcan Cyber; Vulnerability Management Service; VulScan; WithSecure Elements Vulnerability Management.

 

   Corporate Governance (Security Information and Event Management – SIEM – Software)

  • Security information and event management (SIEM) platforms are used by enterprises to centralize security operations into a single location through a combination of various software security applications.

  • At a minimum, SIEM platforms should provide: alerts; anomalies detection; AI; behavior analytics; communications; continuous intelligence; forensic analysis; identity management; logging; machine learning; malware scanning; network health snapshots; notifications; risk mitigation; root cause analysis; security governance; security remediation; threat detection, intelligence, investigation, prioritization and response; unauthorized access detection; vulnerabilities management.

  • Research, testing, use, recommendation, specification and procurement of various SIEM platforms, such as: AlienVault USM; Blumira Automated Detection & Response; CyberMaxx Managed Detection and Response; Coralogix; Datadog; Elastic Security; EventSentry; FortiSIEM; Graylog; IBM Security QRadar; InsightIDR; Juniper Secure Analytics; Logsign Next-Gen SIEM; LogPoint; LogRhythm NextGen SIEM Platform; Logz.io; ManageEngine Log360; McAfee Enterprise Security Manager; Microsoft Sentinel; Netsurion Managed Threat Protection; OSSIM; SolarWinds Security Event Manager; Splunk Enterprise Security; Sumo Logic;  Surelog; Vijilan.

   Progress_Page_Last_Updated_221105_1911

bottom of page