Assess And Remediate System Vulnerabilities
PatchLink’s New Scanner Integration Module Enables Customers to Leverage Their Existing Scanner-related Investments.
PatchLink announced at the Gartner Symposium/ITxpo the immediate availability of its PatchLink Scanner Integration Module, which gives information technology (IT) administrators greater ability to both assess and remediate system vulnerabilities across their organization’s computer network. The technology solution integrates leading commercial vulnerability management and other scanning products with PATCHLINK UPDATE Server via a versatile and extensible application programming interface (API). Vulnerability management combined with the remediation capabilities of patch management provides customers with an increased level of protection against network vulnerabilities.
According to PatchLink CEO Sean Moshir, “The PatchLink Scanner Integration Module is consistent with our viewpoint of multiple layers of security. Now customers using products from eEye, McAfeeFoundstone, Harris, and Qualys can seamlessly assess and manage vulnerability results with PATCHLINK UPDATE for immediate remediation purposes. We were able to efficiently accomplish these integrations through a well-designed API architecture, and anticipate additional products and partners in the near future.”
The PatchLink Scanner Integration Module increases an organization’s ability to leverage their current vulnerability assessment scanner investment. While PatchLink currently provides powerful and accurate agent-based vulnerability assessment via its PATCHLINK UPDATE product, some organizations prefer to use network vulnerability assessment scanners to search for software and system configuration vulnerabilities. Other organizations prefer to use a combination of network vulnerability assessment and agent-based scanning to provide a comprehensive, multi-layered approach to network assessment. In either case, PatchLink’s new integration module provides IT administrators with the ability to remediate vulnerabilities based on information gathered from both approaches.
George Kurtz, senior vice president of risk management at McAfee, Inc. notes, “A proactive remediation approach is instrumental to preventing security breaches. Through the combination of McAfee Foundstone Professional and PATCHLINK UPDATE customers can quickly discover and eradicate a complete range of vulnerabilities.”
As noted in a recent Gartner Management Update report, “New Technologies for Vulnerability and IT Security Management,” the (vulnerability management) market has passed through the early stages, and there are signs of general convergence on a core set of capabilities. Gartner Analyst Mark Nicolett explains, “Agent-based and network-oriented security management functions each have their own unique set of capabilities and limitations. Customer requirements are met in the most complete way, when both approaches can be applied against a given security requirement.”
Commenting on PatchLink’s integration with Harris’ network vulnerability assessment product, STAT Scanner earlier this year, Steve Antone, Information Assurance Business Area Manager, Harris Government Communications Systems Division (GSCD), commented, “We found a complementary remediation solution in PATCHLINK UPDATE, which has been well received by our government customers wanting to automatically remediate patch vulnerabilities discovered by STAT Scanner.”
Underscoring the importance of a powerful vulnerability assessment and remediation offering, Qualys Chairman and CEO Philippe Courtot adds, “Continuously identifying new vulnerabilities, prioritizing patches and applying them effectively is fundamental to effective enterprise security. Companies today typically have less than 30 days to respond to a newly discovered vulnerability. Tightly integrating the QualysGuard on demand vulnerability management service with PATCHLINK UPDATE offers the level of automation, timeliness, and accuracy that is now required to stay ahead of emerging threats.”
The PatchLink Scanner Integration Module is sold in conjunction with a Professional Services engagement and immediately supports products from vendors eEye, McAfee Foundstone, Harris, and Qualys. Integration support for other scanning products is currently underway.