StillSecure VAM is a vulnerability management platform that includes discovery, vulnerability scanning and identification, remediation workflow and reporting tools. The platform features both scheduled and on-demand vulnerability scanning capabilities, based on known vulnerability information from the vendor that can be updated by the customer on demand and/or automatically up to once an hour.

StillSecure VAM platform can be deployed either as a standalone platform for vulnerability discovery and management (either as a single appliance with an onboard scanner, or via the combination of a central server and distributed scanners--deployed for load balancing and/or remote scanning needs--that report their results to and are managed by the distributed scanners), or the central management core of the larger enterprise security infrastructure via the product's optional Enterprise Integration Framework module--APIs available in Java and XML allowing the platform to integrate with third party tools such as scanners or trouble ticket systems, and a plug-in architecture (the Extensible Security Plug-In Architecture, or ESPA), which allows users to develop plug-ins to perform specific business operations or modify the VAM process itself, such as workflow prioritization or changing device profile information. The vendor notes that customized plug-ins can be developed using any programming or scripting language with XML support.

The key, core capabilities of the platform include inventory (discovery), vulnerability scanning, assignment/notification and remediation workflow, and reporting.

- Inventory: the VAM Autodiscovery process can be run as needed or scheduled and identifies, maps, and inventories all devices on the network down to the OS, service, and application level. Better than 900 individual OS and OS variations are recognized.

- Vulnerability scanning: The VAM Intelliscan process automatically determines which scans are required for each device, based on the device's type, operating system, applications, ports, etc.; with the scanning itself leveraging the Nessus engine. Customized scanning schedules can be defined, as can an unlimited number of scan policies (collections of individual scan rules and port scans). Scanning policies are available in pre-defined form (including SANS top 20) or can be customized by the customer. Both non-intrusive (default) and intrusive "Deep Inspection" scans are supported.

- Assignment/notification/workflow: Discovered vulnerabilities are assigned to specific individuals for repair, with workflows (device or vulnerability centric) definable to up to seven states. Prioritization can be based on user-defined device importance or vulnerability severity, and available user roles include Vulnerability confirmers, Repairers, Secondary repairers, or Device owners. Device histories include vulnerability and repair data. Verification scans are launched on devices that have been reported as repaired.

- Reporting: Reports can be generated on a corporate or workgroup level and can be filtered by devices, vulnerabilities, scan activity, OS, and more. Optional is the vendor's Security POV, a security management analysis module that analyzes the vulnerability lifecycle, repair management, and risk management posture of an organization.

Other features include dynamic device management, the ability to create dynamic collections of devices based on device attributes; and authenticated proxy support.

New to the VAM platform is support for Dynamic Vulnerability Assessment (DVA) technology, which allows the platform to automatically scan devices as they connect to the network. The vendor states that Security POV is able to report data gathered both from DVA and point-in-time scans.

Visit the StillSecure Web site for further information.