NopSec.com uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, NopSec.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to NopSec.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.

Acknowledge

Customized Threat Intelligence Engine

Unified VRM Analytics leverages vulnerability data from across all the modules (Internal, External and Web) the user has subscribed to and correlates that vulnerability information with external and internal threat feeds to provide the user actionable security intelligence. This enables the user to proactively protect them and take action against threats and vulnerabilities before potential severe business impact. Using our analytics the user can close the window of exposure and significantly lower risk by applying remediating controls to vulnerabilities rated by severity in context of the user’s business asset classification.

UVRM Analytics Workspace

The Analytics engine powered by Elasticsearch can comb through throve of unstructured vulnerability, exploit, malware, patch, asset and ticket data to present the user with filterable lists of vulnerabilities present in their environment based on the search criteria. These lists can be filtered down even further based on several filters provided and the final search can be saved. From this saved search a report can be generated providing the user with more customizability from using UnifiedVRM.

UnifiedVRM Analytic Features

  • Keyword search vulnerabilities in user’s system.
  • Dynamic charts of CVSScore, Risk Factor, Operating system, Asset Locations based on search result.
  • Shortcuts for Top Impact, Top Patch, Top Exploit, Trending search.
  • Advance Filters: Patch, Malware, Exploit, Exploit Pack, Risk Factor, CVSSScore range, CVE, Asset Tags, IP Address, Port, OS, Asset Group, Location and Detection date.
  • History of search
  • Customized report based on user’s search result.
  • Link to Ticket management and Dashboard section.
  • Table of vulnerability information including threat feed references.

How to Use UnifiedVRM Analytics engine to remediate Vulnerabilities

Each vulnerability in Analytics can be viewed in Remediation of the corresponding module tickets have been opened in. For example:

UVRM Analytics Workspace 2

The user can click View Tickets against an entry to go to Fix page for that specific vulnerability and a list of tickets related to that vulnerability will be displayed.

Context Enriched Remediation

The main advantage of using UnifiedVRM is to give the user a holistic view of vulnerability data and take action based on how those vulnerabilities impact their business the most. Using Unified VRM’s advanced filters the user can prioritize remediation based on the factors below and many more.

  • Vulnerabilities with publicly available exploits
  • Vulnerabilities with available patches
  • Top Impact Vulnerabilities (Critical and High risk factor)
  • Specific type of vulnerability such as HeartBleed across all hosts it affects (search keyword: HeartBleed or CVE-2014-0160)
  • All Vulnerabilities for a specific host
  • All Vulnerabilities through a specific port

This will list vulnerabilities according to the selection criteria as seen in the figure above. Apart from viewing the corresponding ticket(s) in the Fix page, the user can also glean more details about the vulnerability by clicking the More link. The user can also click the title of the vulnerability to view more specific details about the asset if affects, the port on which it affect the asset, its risk factor, the risk reduction percentage, threat references. Detail also include the number of hosts affected by this vulnerability and most importantly, solution steps if applicable.

UVRM Content Enriched Remediation

Customized Report

Each saved search will be able to generate reports (HTML, PDF format)

UVRM Analytics

Following picture is an example of analytic report.

UVRM Analytics Report

For more information on UnifiedVRM Analytics, contact us for free demo.

Schedule a Product Demo Today!

See how NopSec's security insights and cyber threat exposure management platform can organize your security chaos.