Insights for Vulnerabilities and Remediation are derived from the platform's usage data. Data such as, level of effort, periodic trends, asset criticality and general vulnerability information, are used to generate highly detailed consulting reports, which are then made available in the platform. Organizations have the option to add a consultant's comments to these reports, for additional strategic input.
Uzado's platform produces real-time reporting on existing KPI's which can be downloaded as formal reports at any time. As shown here, these KPIs are available on the user's Dashboard and are fully customizable to each person's preferences. By using a current network map, the platform is able to monitor and track all access points for any vulnerabilities. The Vulnerability Database and the National Vulnerability Database is then used to find known vulnerabilities and determine the necessary remediation tactics.
It's important to remember, vulnerability scanning is a critical process when protecting sensitive information, but should not stop there. If you find a penny, are you going to pick it up? If you find a vulnerability, are you going to remediate it? Under a new vulnerability management model, successful companies have shifted from annual scans, to monthly or quarterly scans to ensure that they are remediating the most relevant vulnerabilities, as they come up. If you already have your own scanning tools, Uzado can use the results generated from them to give you a remediation action plan. We understand that the results from a vulnerability scan can become very overwhelming by the sheer number of exposures that become apparent, but Uzado offers this service so that you don't have to feel inundated.
One Special Vulnerability Ticket (SVT) is opened for each vulnerability and can be tracked using a unique identifier. They can also be grouped based on similarities, using Finding Tickets; which allow users to assign SVTs to one or more users, where users can remediate individual tickets or complete a batch update, using the Mass Actions Engine.
SVTs follow Workflows that ensure that users take the necessary steps to fully remediate the vulnerability. Workflows help users work through a reliable process to ensure that the remediation efforts are successful. SVTs also use Visual Processes and Tasks which allow users to track their progress and efficiency, and determine what tasks must still be completed. SVTs also have the capabilities to be assigned to one or more specific users for completion; which helps reduce any redundancies.
Often times, many vulnerabilities lie within outdated systems. Software administrators create patches for these vulnerabilities to protect the users. These patches are often installed through software updates. These software updates, however, become tedious and disruptive as they shut down the systems while they install the updates. Uzado's patch management software allows users to schedule multiple remediation tactics to be deployed on a pre-determined schedule. First off, we plan the system updates on a set schedule that works best for each customer - either during or after business hours. For larger organizations, we have found that remediation with non-production systems are an ideal starting point, so that IT departments can test the patches and the updates to ensure that the remediation is effective. We can also begin remediation on a small pilot group of production systems, before remediating at an enterprise-wide scale.