In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability management is the practice of identifying, classifying, remediating and mitigating vulnerabilities.
Unfortunately, software-based vulnerabilities create an easy way for hackers to get into your systems. However, the good news is the capabilities of your IT Asset Management (ITAM) or Software Asset Management (SAM) program may reduce the risk of security threats. ITAM and SAM programs can provide essential input to security initiatives since they have an incredible amount of up-to-date information about installed hardware and software at their fingertips.
Specifically, how can you recognize software vulnerabilities? It is important to be able to quickly identify and report on any machines or installed software that may be a threat to your IT environment.
Eracent now offers its customers this capability with Software Vulnerability Recognition.
This valuable functionality is based on standardized data that is continuously gathered by the National Institute of Standards and Technology (NIST). Several times each day, NIST updates a database of all known vulnerabilities that exist in commercial IT hardware and software products. Within hours of the NIST database being updated, Eracent adds this new vulnerability data to product records in both the SCANMAN™ software recognition library and the IT-Pedia® IT Product Data Library. This information enables ITMC Discovery™ to quickly identify any installed products that have known vulnerabilities. Reports are provided from various perspectives, enabling customers to see software that needs to be patched, updated or replaced throughout their network environment.
ITMC Discovery™ provides another level of protection by detecting the presence of any installed anti-virus software, and can identify unprotected machines. Discovery scans can also check for all applicable Windows patches and report on any machines that deviate from the most current, up-to-date standard image.
Another element in preventing unwanted network intrusion is software end-of-life (EOL) and end-of-support (EOS) data. If a product or version is still installed when its EOL or EOS date is reached, this creates a security risk since it will be impossible to acquire a patch or fix from the publisher. Having EOL and EOS data readily available makes it easier to plan for refresh cycles and avoid potential software-based threats to endpoint and network security.
IT-Pedia consolidates this end-of life and end-of-support data and puts it front and center. Eracent continuously gathers and adds EOL and EOS dates for hardware and software products to IT-Pedia, where it is available for automated updates on a daily basis. This information can be easily shared with ITSM, ITAM and other systems.