+41 44 667 77 66 info@clue.ch

Vulnerability Management

Clue Vulnerability Management gives you a constant overview of your IT infrastructure and it`s up-to-date security status, keeping you well-informed as to issues and threats that need to be addressed well before they become critical in any way. This enables you to shift your IT security strategy from the backfoot to the front foot. We have you covered.

Roving Weakness and threat detection

As indicated before, it is vital that modern IT infrastructures are ever vigilant and effective in identifying and resolving security threats in real time without any compromise to system operations. This process should be precise and seamless. This is a major challenge we are happy to accept. An important part of IT security strategy, therefore, is to not only identify outside threats but to identify internal weaknesses and then to update and protect vulnerable systems. With a correct assessment of risks and dangers, the wasting of time and effort is avoided and issues are dealt with promptly and effectively. The benefits of managing this process well, speak for themselves – there is an obvious reduction of IT operational costs and a saving on the financial outlay associated with the preparation and execution of audits and the achievement of compliance requirements, such as ISO27001 or PCI-DSS.

Cloud Services

The very nature of public and hybrid Cloud infrastructures requires a readdress of IT processes and, most importantly, also their security. Classic security models are outdated and increase risk, these are simply no longer reliable and not recommendable for use. Even if you outsource the operation of your virtualization and network infrastructure to providers such as Amazon Web Services (AWS), Microsoft Azure or local virtual data center providers, your company remains responsible for securing your own operating system, installed services and applications.

Fix Vulnerabilities

It is well known that in order for a vulnerability management process to do its job, the precise evaluation of systems and potential threats is a key factor. Only on the basis of a solid, well substantiated system assessment can a successful elimination of vulnerabilities and misconfigurations be carried out. We are happy to advise you on the creation of an IT security policy and to provide active support in eliminating weaknesses in your IT systems.

Vulnerability Management Features

Cloud Scanner

Cloud scanners measure your systems based on the same visibility they have to attackers on the Internet. This way, the perimeter of your network and other public systems, such as web servers and network accesses, are tested in the exact manner as they could be exploited by others.

OnPremise Scanner

These scanners are used on the network and data center to detect vulnerabilities and insecure configurations. They measure, amongst other things, software vulnerabilities and versions as well as configurations and policies.

+

Passive Scanners

Production facilities, mobile end devices, Industrial Internet of Things and Bring Your Own Device, by virtue of the nature of their use, cannot and should not be actively monitored for weak points for fear of compromising their effectiveness. Additionally, these devices offer limited possibilities for updates and device management. The passive scan measures vulnerabilities of these assets without influencing these systems to the detriment of your running business.

Agents

Mobile devices, machines, systems in public clouds and managed devices in customer networks are often located outside management tools on off-site locations. This makes them difficult to patch, control and secure. Vulnerability Management Agents are powerful tools that make this happen regardless of location.

Cloud Services

Cloud services such as Amazon Web Services (AWS), Microsoft Azure, or Salesforce cannot be tested for vulnerabilities using traditional methods. As a result, vendor audit mandates test and evaluate configurations, instances, ACLs, and user access using APIs.

i

Reporting

Modular and flexible reporting makes departmental feedback easier and allows every part your company to easily provide necessary information. CIOs and CISOs thus receive relevant information relating to the current level of security while those responsible for the system receive detailed information on how to eliminate any potential vulnerabilities and threats

Vulnerability Management Service

Clue Vulnerability Management enables companies of all sizes to proactively protect themselves against security incidents and save costs with regard to their IT operations by constantly keeping you in the loop as to what your current security situation is. This avoids unforeseen incidents or “surprises” and costly penetration tests. Our security experts design and monitor the scanning infrastructure and policies. We also advise you on the vulnerabilities found and support you in prioritizing and eliminating them.

CLUE-less?

Clue Managed Services expands your team by giving you reliable access to security experts who help you to strengthen the security of your company. Proven products, tailor-made features and your very own personal support structure – we meet your requirements at a low TCO. Our monthly service fee eliminates high investments and training costs, enabling you to use our services in a modular way.

Can’t immediately identify your existing weak points in your IT environment or don’t know them at all? Would you like to assess or reduce the risks in the operation of your business-critical applications? Talk to us about Vulnerability Management. We would be happy to show you how you can, with minimal effort, reduce IT operations risk with Vulnerability Management and even save some money at the same time.