Jump to content

RedSeal

Request A Demo

Products

Key Benefits
  • Identify vulnerabilities requiring immediate action: RedSeal automatically prioritizes all vulnerabilities based on risk posed to the enterprise.
  • Specify network mitigation options: RedSeal automatically discovers the exact network path, devices and rules that expose a vulnerable host.
  • Assess the risk of change requests: RedSeal evaluates the security impact of a requested change, before the change is implemented.
  • Pinpoint areas to scan: RedSeal identifies the areas of your network that require scanning because of exposure to untrusted networks.
  • Know when to scan: RedSeal identifies applications and services that require scanning because of new vulnerabilities.

RedSeal Vulnerability Advisor 4.1

Near Real-time Risk Management

Most large enterprises identify thousands of vulnerabilities every time they conduct a vulnerability assessment. But scanning for vulnerabilities is the easy part—figuring out which vulnerabilities truly matter is the real challenge:

  • Is critical financial information at risk because a vulnerability is exposed to the Internet or extranet?
  • Has a vulnerability already been effectively mitigated with network-level controls?
  • Do vulnerabilities in minor systems allow a hacker to leapfrog to more critical systems?

Prioritizing remediation efforts is key to effective vulnerability management. Unfortunately, the prioritization offered by scanners doesn't take into account the exposure and protection provided by your network infrastructure.

RedSeal Vulnerability Advisor transforms scanning into actionable vulnerability management. It gathers the configurations of all your network devices — firewalls, routers, load balancers, wireless access points, and more—and combines this information with your vulnerability scans. It identifies where vulnerabilities are exposed to untrusted networks and generates a prioritized list of the vulnerabilities that cause the greatest business risk. Finally, RedSeal identifies gaps in your scanning so you know where to extend coverage to be secure.

With RedSeal Vulnerability Advisor, you'll know exactly which vulnerabilities require immediate action — and what action to take. You'll gain assurance that your scanning activities are comprehensive enough to truly identify the risks to your business. You'll demonstrate to your auditors and management team that your vulnerability management process complies with regulations and policy. And, most importantly, you'll be confident that you are effectively protecting your critical systems and information.

  • RedSeal shows every subnet that can be attacked from the Internet or extranet. Click on a threat vector for details of the exposed vulnerability.

  • RedSeal assesses the risk of change requests before the change is made, highlighting both potential direct vulnerability exposure and downstream risk.

  • RedSeal identifies the exact devices and rules that expose a vulnerability making it easy to mitigate with a network control.

  • The RedSeal risk map highlights exposed, un-scanned subnets in red. The risk map is a dynamic heat map for analyzing threat and risk data.

  • RedSeal provides detailed reports on risk so you can communicate your defensive posture to auditors and management.

Act on exposed vulnerabilities - Quickly

Automatically Prioritize Remediation Efforts

The most daunting challenge facing your security team is not executing a vulnerability scan, but knowing what to do with the scan results. Where do you start when faced with thousands of vulnerabilities? How do you determine which vulnerabilities present enough business risk that they require remediation outside your normal patch process?

RedSeal automatically prioritizes vulnerabilities by analyzing them in the context of your network access. To identify the most critical vulnerabilities, RedSeal evaluates:

  • Direct exposure of a vulnerability to untrusted networks
  • Indirect exposure of a vulnerability to untrusted networks through other vulnerable hosts
  • The potential for a vulnerability to allow an attacker to leapfrog deeper into the network
  • The business value of the vulnerable host
  • The severity of a vulnerability based on the Common Vulnerability Scoring System (CVSS)

With RedSeal, you'll know which vulnerabilities require immediate action and will be able to justify this action to your operations group. You'll have comprehensive reports of all of your vulnerabilities prioritized by upstream exposure, downstream risk and overall risk to your business.

Assess the Risk of Change Requests

Change requests often require network operators to open new access holes through the network security infrastructure. RedSeal allows the operations team to evaluate the security impact of the request before implementing it. RedSeal identifies if the change will expose any vulnerabilities as well as if newly exposed systems could act as launching points for attacks deeper into the network.

Identify Network Mitigation Options

Frequently, vulnerable systems cannot be taken offline for patching due to business availability requirements. With RedSeal you can eliminate unnecessary network exposure of a vulnerability, reducing risk until the vulnerability can be remediated during the next patch window. RedSeal automatically identifies every device and rule that expose the vulnerability to untrusted networks. In addition to patching options, your security team can easily mitigate the vulnerability by changing these rules to eliminate the exposure.

Initiate, Track and Verify Trouble Tickets

Once you have decided to take action, RedSeal makes it easy to assign tasks — and ensure they are correctly completed. By clicking on any vulnerability, you can open a trouble ticket in the BMC Remedy Action Request System. Within RedSeal, you can view and track the status of the ticket as it is assigned and resolved. And, once the ticket is closed in Remedy, RedSeal will verify that the vulnerability has actually been remediated.

Improve Your Vulnerability Management

Validate Complete Scan Coverage

Given the size and complexity of networks, identifying network segments that require vulnerability scanning is a daunting challenge. RedSeal automatically assures that your scan coverage is comprehensive enough to find high risk vulnerabilities. RedSeal pinpoints areas of your network that are exposed to untrusted networks but that have not been scanned. RedSeal will also prioritize those unscanned areas that could enable attacks deeper into your infrastructure.

Verify Vulnerability Assessment is Always Up-to-Date

Vulnerability scanning is an intrusive process that can cause system outages, so security teams usually scan only when absolutely necessary. With RedSeal, you'll be able to minimize scanning and still keep your systems secure. RedSeal automatically identifies hosts where scanning may be out-of-date. When a new application vulnerability is added to the National Vulnerability Database, RedSeal pinpoints systems where that application is exposed and flags those hosts for re-scanning.

Address Auditor Concerns & Avoid Findings

Demonstrating compliance to the never-ending stream of security audits consumes significant time and effort from security teams. RedSeal's automated control testing enables defensible decision making by your organization, which will reduce findings. Additionally, RedSeal's reports demonstrate effective management of business risk and prove that compensating controls effectively mitigate vulnerabilities.