Take the Hassle Out of Managing Vulnerabilities Related to Applications and Infrastructure

Security Manager is an easy-to-use, easy-to-integrate and lightweight application that not only improves efficiency, but has been shown to actively improve the entire lifecycle due to its transparency, standardization and centralization – shedding light on all aspects of the process.

Application and Infrastructure Security Vulnerability Data Aggregation and Correlation

Security Manager aggregates and correlates application (App-centric) and infrastructure (IP-Centric) vulnerability data from multiple sources to create a single management repository for your security professionals. Sources include automated scanners, security consulting reports and manual findings. Data aggregation can be automated through real-time connectors or imported using an XML data format.

Create and Monitor Vulnerability Remediation Workflow

Security Manager enables the management of remediation tickets from directly within the application, integrating with existing ticketing systems or using a ticketing system supplied with the application. This bi-directional integration ensures not only that remediators are supported with the ability to have an ongoing dialog and share attachments, but also makes it very easy to track ticket closures to be verified, completing the cycle.

Highly Productive Processing of Findings – Developed by Neohapsis Consulting

Our experience and knowledge from many years of enterprise consulting has been incorporated into the application – without making it complex. It enables security professionals to process new findings, create tickets and verify fixes rapidly with fewer errors so that they can concentrate on higher-value activities instead of data processing. Some examples of these features are: identification of potential duplicate findings; default assignment and risk-based prioritization for one-click ticket creation; and templates to normalize finding descriptions from multiple sources.

Work Effectively as a Team

Many aspects of Security Manager enable a security team, as well as the wider remediation teams, to collaborate more effectively:

• Audit trails clearly indicate when things have changed, including by third-party systems.
• Comments on vulnerabilities and tickets are easily updated from a single application.
• Reminders allow security professionals to revisit elements at a later date.
• Screenshots, reports and risk acceptance documents can be stored and shared with tickets, where appropriate.
• Findings can be assigned ad hoc tags that help with specialized filter searching (e.g., items related to PCI or other compliance initiatives).

Transparency and Reporting

Filtered results can easily be exported for dashboards, findings detail and remediation detail so that regular status reports can be produced for a variety of stakeholders with minimal effort. Dashboards enable security professionals and CISOs to identify overall trends and areas for improvement, such as systemic problem areas or time to remediation. Grading and benchmarking reports also let you see relative area performance so that star performance can be replicated and under-performance rectified.

Vulnerabilities from multiple sources can be aggregated and managed:

App and IP dashboards show summary information for executive reporting: