Gestvul
Vulnerability Management
It manages the entire vulnerability life cycle
In large organizations with many assets and where the individuals responsible for these assets are distributed across different organizational units, the process of vulnerability management becomes a complex problem.
All this complexity is very difficult to manage without a vulnerability management system to automate and support the activities that are part of the vulnerability management cycle.
To meet this challenge, we at GMV have developed gestvul®, a management solution that supports the whole vulnerability lifecycle, from identification of the vulnerability to its closure.
- Import of various vulnerability analysis tools (VATs) and consolidation of their results. The solution can uncover both vulnerabilities exploitable from the Internet and internal vulnerabilities. It currently supports Nessus, Qualys, Nexpose, OpenVAS, nmap and Checkmarx
- Ability to manage vulnerabilities of isolated systems by importing the results of scans performed on these networks.
- Access to information based on profiles and permissions. Each user only sees information about vulnerabilities affecting their own systems.
- Grouping of information based on different criteria, which can be chosen by the user: geographic location, organizational structure, technology, etc.
- Customizable dashboards.
- Support for the management of false positives and unresolvable vulnerabilities.
- Integration of results obtained automatically and manually, e.g. by way of penetration testing.
- Optional module of passive detection of vulnerabilities which provides a preliminary view of the company's security status without scanning. The solution can integrate these results with those provided by the tools and thus determine whether a vulnerability has been detected actively, passively or by both methods.
- SCALABLE: Prepared for a large volume of assets with a high number of
managers involved.
-
GLOBAL: Manages both: infrastructure and application vulnerabilities.
-
MULTISCANNER: Interface with scanner applications for analysis and
consolidation of results.
-
FLEXIBLE: Third-party tools (checkmarx, nessus, etc) and manual
(i.e pentest) vulnerabilities and findings import.
-
MULTIUSER: Role based access – profiles and permissions customization.
- Data storage at GMV
- Admits external network scans – imported via file to Gestvul
- Internal scans can be performed by GMV
- GMV maintenance and operation
- Data storage in customer premises
- Scans and data import performed by GMV
- GMV maintenance and operation
- Data storage in customer premises
- Scans and data import performed by customer
- Maintenance and operation done by customer
- GMV support