Vulnerability Management (VIM)

Secunia’s Vulnerability Intelligence Manager is real-time vulnerability intelligence brought to you on time, every time, by Secunia’s renowned research team.

With Secunia's powerful Vulnerability Intelligence and Management solution you can implement remediation strategies effectively and keep your organization secure.

• Integration

The Secunia VIM takes care of all your vulnerability management needs in one easy-to-use tool. It helps you identify relevant security alerts, collate vulnerability intelligence, drive operational efficiency and cut costs.

• Dashboard Interface

The Secunia VIM customizable dashboard is a concise and easy-to-use interface that lets you manage all your vulnerability management tools in one place. Access your latest vulnerability intelligence and advisories, features such as the Secunia blog and forum, and more.

• Extensive Coverage

The Secunia VIM offers the largest vulnerability management coverage in the industry, with more than 40,000 systems and applications comprehensively monitored for new and existing threats.

• Account Management

The Secunia VIM supports multiple accounts across a range of units, regions, segments and locations to ensure that the relevant software administrators are always up to date on the threats to their specific systems.

• Monthly Reporting

The Secunia VIM gives you monthly reports covering all advisories on new vulnerability threats across all your registered devices. So you always know you've been notified of all identified vulnerabilities.

• New and improved UI

The new look and feel is similar to the Secunia CSI 6.x, and uses the same icons and color design.

• Enhanced XML & RSS feeds

Displays the available XML and RSS intelligence feeds, based on the configured Asset Lists. The dynamic feeds show new feeds only, for example anything new since the last time the feeds were viewed. The time-specific feeds display advisories from the last 24, 48 and 72 hours. Other Feeds - CPE Names Update, will have all related CPE data that is available and refer to the Secunia Product ID

• Built-in Ticketing System

The Secunia VIM ticketing system lets you track and document each vulnerability advisory individually, so you can ensure every one is handled appropriately and you can track your vulnerability management history.

• Proof-of-Concept (PoC)

The Secunia VIM PoC intelligence can help determine if new software installations are vulnerable and if your existing software security is sufficient.

• Technical Analysis

The Secunia VIM security team constantly carries out technical analyses of selected software vulnerabilities. This gives us the best understanding of what constitutes likely security threats and arms us to better identify and protect against future vulnerabilities.

• Alternative Remediation

The Secunia VIM alternative remediation helps software security teams counter threats from vulnerabilities for which patches can’t be used. It could contain suggestions to change networks and system configurations, for example.

• Data Import and matching

Imported assets are better matched with the Secunia product database (e.g. a higher 'match ratio' then previously). The import file wizard has improved the match selection.

• Integration of VIM and CSI

Users can create and update asset lists automatically in the Secunia VIM based on the Secunia CSI scan results.

• The CSI user can authenticate a VIM account.
• The user can create an asset list from the CSI using the authenticated VIM account (and specify the recipients).
• The products scanned from the CSI will be added to the Asset List on the next synchronization. The updated Asset List (with the new products) can be seen in the VIM.
• Now, if any advisory is released from Secunia that affects one of the added products, a ticket will be created.
• If the set of products detected during scanning changes, the Asset List will be updated in the next synchronization.

Note: The tickets will not be created when the products are synchronized. They will be created when a new advisory is released by Secunia that affects one of the added products.

• Filtering

The Secunia VIM lets you create specific vulnerability management reports for different product categories across your entire IT infrastructure by filtering criteria. So you only get vulnerability alerts and intelligence relevant to your specific needs.

• Advisory Approval

The Secunia VIM lets administrators add comments and recommendations to advisories before they’re sent to the relevant IT staff. This helps you handle vulnerability threats in a controlled and cohesive way.

• Flexible Alert Formats

The Secunia VIM can alert you to vulnerability advisories across a range of platforms including SMS, email and XML, so you can stay up to date wherever you are.

• Policy Compliance

The Secunia VIM allows administrators to prioritize different vulnerabilities based on criticality, CVSS and other relevant factors, so they’re always up to date and compliant.

• Activity Log

Displays information about user activity within the Secunia VIM, for example "write" actions, logins, and so on. Users can access a full activity and login log for compliance monitoring and auditing purposes.

• Smart Grid Export

Users can click Export in a grid view and select Page, or All Pages to export the data to a CSV file.

The Secunia VIM explained

The Secunia VIM covers more than 40,000 systems and applications. The real-time software vulnerability alerts are brought to you instantaneously, and threat levels are prioritized, so you and your team can address the most critical vulnerabilities first.

Comprehensive reporting lets you assess the current state of your IT infrastructure, manage the risks, meet compliancy policy rules, and get an increased return on your security investment.

Find answers to ...

• What is vulnerability management?
• My company already uses firewalls - so why do I need VIM?
• Is the Secunia VIM a software solution or an appliance?
• Can I create reports for my entire IT infrastructure?

"Commerzbank's collaboration with Secunia has proved to be an efficient and cost-effective service over time..." Read more

"Bankart's approach to strengthening IT security involved addressing the question about how to best deal with exposure to vulnerabilities..." Read more

"Banco de Mexico is the central bank of Mexico and has been using Secunia's vulnerability management from 2005 to date..." Read more