trustedagent grc for vulnerability management and continuous monitoring

Audit Management Compliance Management

Vendor Risk Management

Vulnerability

Management Incident Management

TrustedAgent Policy

Management Risk and Compliance

Governance

Enterprise Risk

Management IT Governance

Continuous

Monitoring

With thousands of hardware, O/S and applications across your network, are you really managing your vulnerabilities?

Internet With thousands of hardware, O/S and applications across your network, are you really managing your vulnerabilities?

Vulnerability Management Challenges

Managing vulnerabilities is straining your IT resources leaving little progress for improving and sustaining your security posture.

Managing vulnerabilities is straining your IT resources leaving little progress for improving and sustaining your security posture.


Reporting is time-consuming, inefficient, and error-prone which limits visibility into the organization security posture.

Reporting is time-consuming, inefficient, and error-prone which limits visibility into the organization security posture.


One data breach can result in financial penalties, lost of brand recognition, reduced productivity, legal liabilities, or increased scrutiny from regulators.

One data breach can result in financial penalties, lost of brand recognition, reduced productivity, legal liabilities, or increased scrutiny from regulators.


Introducing TrustedAgent

• Comprehensive, enterprise platform that integrates, standardizes, and automates existing IT GRC processes.

• Enables organizations to meet the challenging, complex, and ever-changing requirements of PCI, SOX, HIPAA, NERC, GLBA, FISMA, and many others.

• Improves existing business processes and best practices using frameworks such as ISO 27001/27002 and COBIT, to achieve cost reduction, eliminate waste and gain operational efficiencies.

TrustedAgent Benefits

• Provides an enterprise solution that integrates, standardizes, and enhances the management of security risks, privacy, and regulatory compliance across the enterprise.

• Reduces time and costs associated with risk management

activities through collaboration, dashboard analytics, and automated reporting and document generation.

• Provides a standard of care to minimize security risks, legal liabilities, and penalties, and to facilitate communications with shareholders, customers, regulators, and insurers.

• Continuously monitors and assesses critical business assets

and functions to gain visibility into and improve their security and compliance posture.

Key Components of TrustedAgent

TrustedAgent Process

Vulnerability Management and CDM

Risk Analysts

- Confirm

effectiveness of

remediation

Risk Analysts, CISO,

Security Managers

Regulators,

Senior Management,

Insurers

Users

TrustedAgent syncs

vulnerabilities into

new, existing, completed

and repeated

vulnerabilities

Risk Analysts

- Review results via

online view of findings

Risk Analysts

- Prioritize findings to address

- Fix findings

Users

Benefits of Vulnerability Management using TrustedAgent

• Get visibility to all assets and the relationships of the assets to the organization’s business processes, regulations, or standards through a centrally-managed asset repository.

• Track identified vulnerabilities against impacted assets. Automatically reconcile new vulnerabilities from existing and repeat vulnerabilities.

• Prioritize and plan remediation through data-driven risk-based decision.

• Proactively maintain and ensure completeness of regulatory compliance by supporting ongoing or continuous monitoring of the assets for vulnerabilities.

Supported Scanning Tools

Support integration with the following vulnerability assessment and asset discovery tools.

Trademarks and copyrights are properties of their respective owners.

NMAP

* *

*

* *

* Indicate s direct integration is supported. Otherwise integration is supported through XML data import.

Prominent Clients

Trademarks and copyrights are properties of their respective owners.

TrustedAgent Demo

Using TrustedAgent for Vulnerability Management


Step 1. Manage Entities for Systems, Sites, Programs,

Vendors, Audits, and Processes


Step 2. Manage Assets Associated

with Entities

Step 3. Import Assets From Excel, XML Scan Results, or Nmap Discovery

Nmap

Step 4. Lookup and Assign Assets to

Entities from a Master Asset Repository


Step 5. Setup Scan Configurations. Define

Scan Intervals, Assets to Scan, Scan Policy, etc.

Step 6. Initiate Scans. Reconcile Scan Results.

Note: TA also supports passive download and reconciliation of findings from the scanning software (without scan initiation).

Note: See slide 12 for list of scanners supported.


Step 7. View Scan Summaries

Step 8. Auto-reconcile the Findings as New, Repeat, Completed, or Mapped to

Existing Findings

Step 9. Manually Reconcile by Assigning

Findings and Associated Assets to Entities

Systems

Programs

Sites

Vendors


Step 10. View Scan Reports Online.

Export to HTML.


Step 11. View Finding Details


Step 12. Accept

Findings to Create

Corrective Action Plans

Step 13. Link Findings to Existing Corrective Actions. Reject Findings as

False Positive


Step 14. Generate Dashboard Reports

Step 15. Generate Enterprise Risk

Reports

Contact Information, Q&A, and Next Steps

Trusted Integration, Inc.

525 Wythe Street

Alexandria, VA 22314

703-299-9171 Main

703-299-9172 Fax

www.trustedintegration.com

https://twitter.com/intent/follow?original_referer=https://twitter.com/about/resources/buttons&region=follow_link&screen_name=TrustedAgentGRC&tw_p=followbutton&variant=2.0

trustedagent grc for vulnerability management and continuous monitoring

Software