Cutting edge security and risk assessment product to manage and monitor configuration changes, hardening, patches, vulnerabilities and policy compliance of IT assets and web applications.
Scalable, Effective and User-Friendly
The sophistication and success of online attacks coupled with the regulatory obligations companies are required to abide by necessitate a solution that can combat this ever growing threat while maintaining compliance policy guidelines. In order to mitigate risk in this constantly changing threat and policy arena organizations need a vulnerability management and policy compliance solution.
BLOCKBIT VCM provides a comprehensive, scalable security and risk assessment solution capable of managing and monitoring configuration changes, vulnerabilities, hardening and policy compliance of IT assets, devices and applications along with a library of baselines, industry standards and government regulations. VCM has an innovative feature that prioritizes the remediation process not only during risk classification, but as well as assessing the availability of tools that automate exploitations in different stages.
VCM offers ease of management in an automated solution creating security baseline metrics which continuously measure current compliance against policies and regulations. Interactive real-time dashboards and easily generated reports allow VCM to effortlessly demonstrate how the security and compliance levels are evolving within your environment. It also helps to reduce IT operational costs by automating the assessment processes through a structured distributed deployment lowering resource overhead.
For more information about other features available on BLOCKBIT Intelligence Lab
Effectiveness of Remediation
Agentless Authenticated Scanning
Non-Authenticated Vulnerability Scan
With BLOCKBIT VCM Non-Authenticated Vulnerability Scan you can find your network vulnerabilities in an invisible and fast way. BLOCKBIT VCM uses advanced scan engines to identify vulnerable services that put your business at risk. You can detect unpatched software, backdoors, expired certificates, unsafe cryptographic protocols (such as SSLv2), weak passwords, unencrypted authentication protocols, unauthenticated services (such as anonymous FTP) and many other vulnerabilities.
Authenticated Vulnerability Scan
You can perform deep vulnerability assessment through BLOCKBIT VCM Authenticated Vulnerability Scan so you avoid false positives and have full visibility of all the vulnerabilities within your assets including unpatched software, insecure configurations, malicious plug-ins, outdated programs, insecure registry entries and many other vulnerabilities. With the Authenticated Scan you don’t need to rely on open doors or services to detect vulnerabilities. The system is clientless and doesn’t affect the performance of the analyzed asset, BLOCKBIT VCM Scanner does all the processing job. The system’s credentials data for the Authenticated Scan are safe in your BLOCKBIT VCM Credential Wallet, protected by two strong encryption layers.
Web Application Vulnerability Scan
BLOCKBIT VCM has a Web Application Vulnerability Scanner for DAST (Dynamic Application Security Testing) assessing web applications for OWASP Top 10 vulnerabilities such as SQL Injection, Blind SQL Injection, XSS (Cross-Site Scripting), Command Execution, Code Injection, Cross Site Request Forgery, File Inclusion, Insecure Cookies, among other vulnerabilities. Using an advanced engine to crawl, authenticate in various pages using different credentials, with the capability to include exceptions and understand responses, and detect vulnerabilities in all layers of the web application, BLOCKBIT VCM Web Application Vulnerability Scan is also able to alert you about the security risks in your web application simulating scans originated by distinct devices such as Smartphones and Tablets to test responsive web applications.
Finding assets on your network, creating recurrent searches and finding additional assets added to your network over time is easily managed by our Asset Discovery Module. This module allows you to import a list of assets into your BLOCKBIT inventory along with your Active Directory asset list enhancing the speed and efficiency of your scanning.
With BLOCKBIT VCM you can monitor configuration changes, hardening and policy compliance of IT assets. You can create templates for your company’s internal controls, define compliance rules based in regulations and standards (HIPAA, PCI DSS, GLBA, SOX), manage your organization’s security policies and analyze if they are being applied to corporate assets, thus avoiding non-compliance and/or possible security breaches. Your policies can be automatically verified on different platforms, ensuring a wide coverage on corporate security controls. In addition, you can create system recurrence and have visibility of the exact moment when a policy is no longer been enforced.
Action Plan is a VCM Module containing an advanced and innovative remediation workflow. Utilizing this module makes the assignment of security issues with the appropriate personnel for mitigation purposes seamless. Once personnel are assigned to specific security mitigation events they can monitor whether or not their corrective measures were applied successfully by running a “Self Audit” function and system managers can track security issues via graphical dashboards.
Threat Wave is the revolutionary viewing system from VCM that displays vulnerabilities on your network along with a timeline of potentially affected hosts containing known security flaws. Potential risks and active threats are displayed on dashboards highlighting risk progression across your network. Furthermore these displays provide a timeline, location and threat vector along with alerts of critical exposure instances during different stages of exploits.
A single Manager Appliance can concentrate and correlate data collected by several Scanner Appliances meeting the needs of different security assessments for type of scan, scope, location or business unit. You can also multiply the number of assets being scanned in parallel and significantly reduce the scan time in large environments.
Many ways to get BLOCKBIT
Start your experience in the best way, see our pre-configured products in the cloud with full visibility in real time
You can choose between Cloud or Virtual Appliances. Get to know our products before you buy
REQUEST A QUOTE
Purchase our products BLOCKBIT UTM, VCM & SMX. Get protected right away