logo

Select Sidearea

Area for extra info, links, etc.
[email protected]
+(610) 816-010
 

VAC – Vulnerability and Compliance

Vulnerability and Compliance closes the loop between your assets and reducing the threat landscape. VAC is a game changer in understanding your vulnerabilities and driving remediations. VAC eliminates the need for pricy third-party scanning solutions, but plays well with your organizations legacy solutions.

Continuous scanning of end point vulnerabilities through the ITAM process, automated mapping to the IT-Pedia exhaustive database, discovery of software (OS, Patches & Software). Using data mapping, these discovered Common Vulnerabilities and Exposures (CVE) leverage the National Vulnerability Database. Your data mappings help to prioritize what to focus on first. Typically, 85% of their vulnerabilities are caused by less than 25 software packages.

VAC continuous scanning
VAC SCAP

Security Content Automation Protocol Scanning, or SCAP, is leveraged by every branch of the Department of Defense. Now, under license from the US Navy, ClearArmor brings this powerful capability to your organization. The only difference is more power, distributed scanning, continuous ability, integration to ClearArmor VAC and Data Mappings. One more element that moves your organization from tactical to strategic.

Leveraging third party vulnerability scanning engines. Our first interface has been created to communicate with the ubiquitous OpenVAS vulnerability scanner. Drive the scan schedules, types of scans, and endpoints targets from within the CSRP.

VAC Leveraging third party vulnerability scanning
VAC leverage Active Directory

Many organizations leverage Active Directory for a broad range of Directory-Based Identity Related Services. Well managed and it instrumental in managing people, devices, and resources. Poorly managed and it becomes one more element increased the threat landscape. To provide better visibility into your environment, ClearArmor has created the ADBot. A source of continuous information. Stale users and computers. Orphaned Objects. Elevation of Domain Admin privileges. Failed attempts and locked accounts. ADBot is your window into Active Directory.

Timeline

DM – Data Mapping

DM – Data Mapping allows the organization to associate key granular data with other data, making collected information more powerful and meaningful to pre-built and custom dashboards and representations.

CC – Cyber Culture

CC-Cyber Culture leverages included InfoSec Institute CyberAwareness Training to eliminate risk at a key CyberSecurity breach vector, people. CC starts with the rapid, engaging, and short training sessions. CC follows with testing progress using documented scores and Phishing simulation testing across the organization.

VAC – Vulnerability and Compliance

VAC – Vulnerability and Compliances provides the mechanisms to identify Software, hardware, and configuration based vulnerabilities through integrations and interfacing to IT Asset Management, IT-Pedia®data, Open Source Vulnerability Scanning, and SCAP Scanning.

ITAM – IT Asset Management

ITAM – IT Asset Management allows for the discovery, heterogeneous data source integration, data normalization, white listing, categorization, ownership, lifecycle management, and vendor management related to hardware and software assets.

RM – Risk Management

RM – Risk Management allows the organization to understand and manage the events, triggers, impacts, potential reductions, reduction progress, response plans, and documented testing of those plans.

AM – Audit Management

AM – Audit Management sets the ownership, governance, schedules, and processes for auditing that the policies and controls in effect.

PM – Policy Management

PM – Policy Management provides the ability to document and communicate how policy relates to organizational controls.

CM – Controls Management

CM – Controls Management aligns your organization to the frameworks and regulatory controls they have voluntarily, or are required to follow.

CMO – Cyber Management Office

CMO – The Cyber Management Office provides the ability to governance and manage the individual efforts your organization must execute to achieve continued improvement in CyberSecurity

M2 – Momentum Methodology

M2 is the bridge between Technology, Leadership, and Process. M2 provides a standardized method to understand, implement, and work toward continued improvement in CyberSecurity