eEye Improves Vulnerability Prioritization Capabilities
CS Management 2.5 helps enterprises decide which bugs to patch first, based on their own IT and business environment.
August 2, 2011
The new release of eEye Digital Security's CS Management product improves enterprise ability to prioritize remediation and mitigation of known vulnerabilities. Version 2.5 of the vulnerability management offering also adds support for mobile devices and free patching for select non-Windows applications.
eEye has added several features that help assess the threat level of a vulnerability to a particular business and IT environment. CS Management 2.5 now enables enterprises to custom-tune CVSS (Common Vulnerability Scoring System) by adding local data to the scoring criteria.
"More and more customers are adopting CVSS," says Brad Hibbert, eEye VP of strategy. "They see a high-risk score, and a lot will just use that score--but not each high-risk vulnerability is the same." So, enterprises can tailor the scoring to their environment, based on mitigating controls such as firewall protection, configuration settings, and asset criticality that may raise or lower the threat level.
Vulnerability management vendors generally have their own proprietary vulnerability risk assessment scoring systems, which enterprises can modify to reflect their own environment. Just as CVE (Common Vulnerabilities and Exposures) works to establish a standard dictionary of vulnerabilities and exposures so that information can be shared across organizations and security tools, CVSS is positioned as a standard for establishing the base risk of a given vulnerability.
"CVSS is independent, and enterprises gravitate toward it, so they understand the risk and not worry so much about vendor bias," says Eric Ogren, founder and principal analyst of the Ogren Group. "You can patch, of course, but CVSS also enables you to check out what is recommended in terms of actionable mitigation, such as firewalls, that may take the curse off the vulnerable systems."
CS Management now also identifies whether a vulnerability has an associated exploit from Core Security, Metasploit or Exploit Database, to help determine if there is an immediate threat to critical assets. eEye recently announced "right-click" integration with Metasploit that allows users to import vulnerabilities discovered by eEye's Retina scanner directly; Metasploit then launches exploits against the target vulnerability. eEye already had similar integration with Core Security.
Read the rest of this article on Network Computing.