RSA takes a big data approach to help with high-risk threats
RSA, The Security Division of EMC, at RSA Conference Europe 2013 unveiled RSA Vulnerability Risk Management (VRM), a new software solution designed to help organizations improve their overall security posture by analyzing massive amounts of vulnerability scan data and helping to identify and prioritize the highest-risk vulnerabilities.
RSA VRM is engineered to leverage Big Data and advanced analytics to identify the most important vulnerabilities so they can be fixed quickly to limit risk and better prevent cyber attacks.
Combining asset business context, actionable threat intelligence, vulnerability assessment results and comprehensive workflows, RSA VRM helps proactively manage IT security risks and automates tasks to enable organizations to do more with fewer resources.
The Vulnerability Analytics investigative interface allows IT security analysts to get alerts, explore results, and analyze issues as they arise. A flexible rules engine highlights new threats, overdue issues, and changing business needs. For business and IT managers, VRM’s management module integrates VRM analytics with reporting, workflows, and a risk-management framework to enable data-driven security decisions.
The data collection and aggregations capabilities are designed to allow RSA VRM to gather data from standard repositories as well as vulnerability scanning vendors to help more efficiently and effectively address potential threats.
Additional benefits include:
- Comprehensive catalogs for both technical and business data for each IT asset
- Automation of manual tasks including workflow management, vulnerability lifecycle management and reports generation
- Detailed reports on KPIs, ROI of programs, and overall IT security risk posture of an organization
As part of the RSA Archer GRC platform, RSA VRM helps connect vulnerability risk programs with overall IT GRC work streams to enable better visibility into the overall security risk of the organization and is a critical component to an organization’s overall Critical Incident Response strategy.