Vulnerability Management Services (VMS)
BlueVoyant uses intelligence-driven tools to tailor searches and reports that help you to understand and address weaknesses within your environment.
BlueVoyant VMS performs vulnerability scanning across internal, external, and third-party devices services, applications, and databases to identify organizational risk and patching effectiveness.
From missing updates or patches to software bugs and operating design flaws, vulnerabilities in your system are bound to occur, but with VMS BlueVoyant provide transparency and actionable reporting that can help you proactively address your vulnerabilities.
Vulnerability Assessment: VMS works to perform a variety of vulnerability assessments utilizing best-of-breed vulnerability detection software to discover well known weaknesses in software. It proves recommendations for managing or resolving the vulnerabilities through the WavelengthTM the BlueVoyant client portal and through custom reports.
Scanning: Scans will be conducted on a regular basis at weekly, monthly, or quarterly intervals. External scanning includes the detection of vulnerabilities that are exposed beyond your network perimeter and are therefore visible and possibly exploitable by attackers. Internal scanning includes vulnerabilities within your organization that may not be externally facing but could be exploitable by attackers within the environment. BlueVoyant can also conduct on-demand vulnerability scans on a need basis.
Assets: Asset Discovery: as part of the service, you can request BlueVoyant to conduct regular asset scanning to identify new devices in their environment or to update any identifying information on previously detected assets such as hostname or IP address. Asset Prioritization: Through the WavelengthTM , the BlueVoyant Portal, you can assign criticality to asset records to indicate which assets are the most important in their environment. Asset Tagging: Through WavelengthTM you can apply “tags” to asset records. This enables grouping of assets to support dashboards and reports.
Vulnerability Verification: By comparing new vulnerability scan results against previously identified vulnerabilities BlueVoyant's experts determine which vulnerabilities have been appropriately remediated. Vulnerabilities remain in an active state within the client portal until a vulnerability scan occurs, rather than when a patch or upgrade was applied, in order to confirm any remediations.
Policy Selection: As part of Service Activation, BlueVoyant staff will work with you to understand what your compliance and risk goals are to help you select one of the approximate twenty (20) vulnerability scan policies.
Vulnerability Tracking: Through WavelengthTM, you are able to see all active vulnerabilities that have been detected. These vulnerabilities are mapped to asset records which are mapped to any security alerts or incidents (detected through other BlueVoyant Managed Security Services) to support traceability of the activity of assets and vulnerabilities.
Software Upgrades: As software patches, upgrades, and new vulnerability signatures are released for the supporting vulnerability assessment software BlueVoyant will assess the release for security, stability, and functionality before certifying it as a supported version. BlueVoyant will perform software upgrades automatically for deployments leveraging the BlueVoyant virtual appliance.
Vulnerability Management Services are supported by expert analysts who operate 24/7 across multiple locations and within 2 global Security Operations Centers (SOCs). Certifications held by the team include SANS GIAC, EC-Council, and ISC-2, as well as others.
Wavelength™, the BlueVoyant client portal is a web-based portal that provides real-time visibility into detected alerts, confirmed incidents, all detected assets, and vulnerabilities. Locate dashboards representing a variety of content including but not limited to event volume, alert volume, detected assets, and analyst response actions inside Wavelength™.
Access vulnerability reports containing content such as new and resolved vulnerabilities and high-risk vulnerabilities on critical assets through Wavelength™.
Orchestration and automation, a key component of the technology platform, synchronizes security tools and helps maintain the proper balance of machine automation and human intervention. Orchestration and automation accelerates triage, reduces false positives, and improves mean time to resolve (MTTR).
BlueVoyant SOC and engineering teams have developed automations to support Managed Detection and Response and continue to deliver new automations. For example, an automated Emotet investigation, confirmation, and response playbook exist to quickly respond to specific outbreak strains.
The Client Experience team is your primary support team. Your advisor will meet with you on a regular basis (most often monthly) to understand your security program goals and will advise how BlueVoyant services can best meet your needs.
Greater Protection Enabled By Automation
Automation is a critical tool that allows us to democratize cybersecurity by taking manually intensive work and applying intelligent technology that begins with aggregating data, enriching content, correlating identifiers, and then sorting based on traits.
Automation works in conjunction with BlueVoyant’s team of elite cybersecurity analysts who help catalog and prioritize vulnerabilities within your system based on the sorted list provided from automation activities.
Service Tier Comparison
|Vulnerability Management||Vulnerability Import||Internal Scanning||Full VMS|
|Integration with MSS|
Download the BlueVoyant Vulnerability Management Services (VMS) (.PDF)