A vulnerability management program is a critical part of any organization’s IT security program. Credo’s solution provides scanning, reporting and work flow management features to allow you to focus on remediation, patch deployment or implementation of other compensating controls. With appropriate scanning engines, you know what critical vulnerabilities your IT infrastructure, mobile devices, applications or your SCADA environment contains. Such vulnerabilities are some of the easiest attack points for a malicious party to attempt to compromise your IT environment.
Regular, periodic scans and remediation activities are one of the recommended critical security controls from the Centre for Internet Security. See https://www.cisecurity.org/critical-controls.cfm or http://www.sans.org/critical-security-controls. A vulnerability management program is also a mandatory part of any PCI compliance program and many other compliance programs required by various industry verticals.
Credo can take care of the “scan, analyze, report & prioritize” components of your vulnerability management program and provides workflow and tracking to support remediation. With regular scans and concise, actionable reporting, both provided on an outsourced basis by Credo Trust Systems, you have the information you need to focus your resources on remediation – usually patching – rather than on performing the scans and generating the results.
Click here for our overview of vulnerability scanning and remediation for managers and non-technical professionals. See Overview of vulnerability scanning for managers by Credo Trust Systems.