Published: 29 Oct 2014
Every enterprise has vulnerabilities; they're often easy to find. Prioritizing, remediating and validating fixes for those flaws, however, is an increasingly daunting daily exercise for enterprise information security teams. Without the right vulnerability management product, the job becomes impossible.
"A periodic scan of a 100,000-node network often yields from 1 million to as many as 10 million findings, including everything from critical issues to minor informational data points," says Anton Chuvakin, research vice president with Stamford, Conn.-based Gartner Inc. "Enterprises are having a hard time prioritizing which vulnerabilities to remediate because the tools don't provide enough data or flexibility for prioritization."
A champion vulnerability management product should not only be powerful and compatible with a wide variety of systems, but also easy to manage.
This year our survey respondents selected two superior Vulnerability Management products as the winners of our 2014 Readers' Choice Awards.
Winner: Core Insight Enterprise, Core Security
Core Insight Enterprise is part vulnerability assessment tool and part automated penetration testing system. The latest version of the product allows users to perform distributed penetration testing and vulnerability validation across networks from remote locations.
In addition to device discovery and vulnerability scanning across networks, applications and cloud-based infrastructure, Core Insight Enterprise provides vulnerability prioritization, remediation assessment and compliance auditing. The vulnerability management tool is designed to "think like an attacker" by using multiple unrelated vulnerabilities to gain broad access and privileges, to simulate attacks. This patented technology includes the ability to prioritize attack paths based on business assets and risk criteria.
Our readers loved virtually everything about Core Insight Enterprise, noting its ability to effectively and accurately identify vulnerabilities. The product's integration with threat management, remediation capabilities and workflow also received high marks. Voters also praised its ease of installation, configuration and administration. In addition to its own embedded scanning capabilities, the product supports McAfee Vulnerability Manager, IBM Internet Scanner, Tenable Nessus, Tripwire IP360 as well as the other winner in this category, Qualys QualysGuard.
"Vulnerability assessment tools are products, but vulnerability management involves people, process and technology," says Chuvakin. "VA tools are a critical part of VM, but they're not the whole of it."
Winner: QualysGuard Vulnerability Management, Qualys Inc.
As noted, Qualys' QualysGuard Vulnerability Management also takes top honors in this category. The most widely used vulnerability management offering among this year's voters, the product is actually delivered as a cloud service from the vendor's public cloud or by private-cloud appliances. QualysGuard Vulnerability Management is part of the company's cloud suite, which also includes services such as Web application scanning, malware detection, policy and PCI compliance.
Vulnerability Management supports network mapping, device discovery and perimeter monitoring, and can execute variety of dynamic, scheduled or authenticated scans, including Amazon EC2 or VPC environments. Once discovered, vulnerabilities can be prioritized based on industry benchmarks and analyzed over time to determine the risk posture of various IT assets.
Readers were pleased with QualysGuard Vulnerability Management, noting the product's ease of installation, configuration and administration. Enterprise security teams can access the Web-based interface of the software as a service from almost any Internet connection using a browser. Voters were also thrilled with the VM tool's effectiveness and accuracy in quickly identifying vulnerabilities, which is aided in part by Qualys' KnowledgeBase of known vulnerabilities and their severity. The Vulnerability Management tool also got high marks for its scalability, breadth of applications and devices covered, and integration with threat intelligence. Organizations can use the tool's XML-based APIs to integrate data from SIEM and related systems.
Send comments on this article to firstname.lastname@example.org.
How do this year's winners stack up against last year's top products? Check out the 2013 Readers' Choice Awards best vulnerability management products.