Technology Partner Integrations

Fortra VM is the only vulnerability and threat management solution that is purpose-built to work with partner solutions. It integrates seamlessly with today’s small, mid-size, and enterprise hybrid-cloud environments to help thwart advanced cyberattacks and improve overall security operations.

Apply to Become a Technology PartnerBrochure

Digital Defense has dedicated resources and capabilities for integrating our patented solutions with security technology partners. Through Connect and our open APIs, partners can easily extend their existing security offerings to build or support integrations to and from the Fortra VM platform. These APIs can be used to:

  • Provide real-time vulnerability and threat data to better prioritize remediation
    within partner solutions
  • Consume critical policy, threat, and endpoint data to improve scanning and
    vulnerability patching for critical infrastructure

We work with a number of technology partners, including leading SIEM, endpoint, SOAR, incident response, GRC, and network security solutions.

Technology Partner Integrations

Attivo

Fortra Vulnerability Management and threat assessment platform identifies high-risk/critical assets with business context that are highly vulnerable to exploits, remain unpatched, are un-patchable or have already been infected in real-time. Integrated with Attivo Networks BOTsink, administrators can make intelligent, potentially automated, decisions on where to dynamically deploy deception technology to protect the network and resources from a potential compromise or attack, even as conditions or the infrastructure itself changes.

“Attivo has an extensive deception fabric for accurately detecting and derailing threats and the partnership with Digital Defense further ups the game against attackers,” said Tushar Kothari, CEO of Attivo Networks. “The ability to automatically deploy Attivo deception based on shared vulnerability insights provides a unique and innovative way to reduce risk while increasing the difficulty of an attack. It is a powerful example of how organizations can proactively strengthen their security posture while also building out an Active Defense.”

Press Release | Solution Brief

Core Security

Core Impact is designed by Core Security helps security teams conduct advanced penetration testing with ease by using guided automation and certified exploits.  Core Impact is powerful penetration testing software so you can safely test your environment using the same techniques as today's cyber criminals.

Core Impact replicates security attacks to your network infrastructure, endpoints, web, and applications to uncover exploitable vulnerabilities, giving you the upper hand to immediately remediate risks.

Brinqa

Brinqa Risk Platform delivers a complete set of capabilities and features to represent, integrate, and correlate unlimited sources of security data for secure and rapid analysis. The platform provides management and automation support throughout the cyber risk identification, mitigation, validation, and communication processes.

Cherwell

The Fortra VM integration with Cherwell’s ITSM (IT Service Management) automates tasks helping service desk teams meet the ever-growing list of demands including dashboards, reports, forms, and workflow automations enabling end-user self-sufficiency, faster and more effective ticket handling, plus greater visibility and accountability. Creating notifications as either “Problem” type tickets or “Incident” type tickets for Cherwell ITSM, Fortra VM provides industry-leading noise and false positive reduction, along with prioritized vulnerability and risk information based on business context.

Cherwell ITSM provides a powerful and flexible IT Service Management (ITSM) platform for service desk teams that need to address security risks, and all other IT tickets, and move more quickly towards taking action. Cherwell ITSM offers the tools needed to adapt quickly and cost-effectively to new IT and business needs, while delivering extraordinary service to internal customers. The Fortra VM and Cherwell ITSM integration automates the “Problem” and “Incident” tickets enabling your teams to find and fix vulnerabilities quickly, efficiently improving your overall security posture.

Fortra VM helps security teams focus on identifying and prioritizing the most important assets to proactively harden against an attack without requiring agents. Utilizing Incident and Problem tickets generated by Cherwell ITSM plus with data from Fortra VM teams are equipped to find, fix and remediate vulnerabilities and risks and customize their reporting.

Integration Key Benefits:

  • Concurrent Session Licensing: Provide access to more users with a license model that enables any authorized person to access the software.
  • ITIL Best Practices: Build a foundation to improve operational efficiency and deliver world-class service with a platform verified on 11 PinkVERIFY ITIL processes.
  • Cherwell mApp Exchange: Save time and money with mergeable applications that allow you to merge content from other systems and programs into the Cherwell platform.
  • Prebuilt reports and dashboards: Increase visibility across all ITSM processes by leveraging over 100 preconfigured reports.
  • Third-party integration and orchestration: Ensure interoperability among systems, key data sources, and third-party products with Cherwell’s low-code platform.
“For the most effective and efficient IT service desks, interoperability is key,” said Michael Euperio, director, technology alliances at Cherwell. “With Cherwell’s ITSM solution acting as the hub for managing all IT tickets, including security vulnerabilities and threats, the integration with Fortra is important progress for our common customers.”
Cisco

Overview:

Cisco® Identity Services Engine (Cisco ISE)/pxGrid combined with Digital Defense’s SaaS Vulnerability Management platform that includes Fortra Vulnerability Management (Fortra VM), Web Application Scanning (WAS) and Advanced Threat Sweep (ATS) integrated modules helps reduce risk of potential network cyber-attacks by identifying vulnerable and infected assets and thwarting access of these devices that could compromise networks and eventually breach critical systems.  Combining the automation power of Cisco ISE/pxGrid and Digital Defenses's SaaS VM platform creates greater device visibility and network access control, building improved workflow and rapid responses to infrastructure threats.

Visualize

  • Discover devices instantly without requiring agents
  • Profile and classify devices, users, applications and operating systems
  • Continuously monitor managed devices, including corporate, BYOD and IoT endpoints

Control

  • Allow, deny or limit network access through Cisco ISE based on device posture and security policies
  • Assess, prioritize and remediate malicious or high-risk endpoints
  • Improve compliance with industry mandates and regulations

Automate and Orchestrate 

  • Share endpoint context from Cisco ISE via Cisco pxGrid with DDI's platform
  • Create actionable workflows to have Cisco ISE automatically restore based on scans and associated risk management
  • Create dynamic policy changes system-wide response to quickly mitigate risks

 

Description:

Prioritzation and Automation Optimize Workflows

Digital Defense’s SaaS platform digitally fingerprints the hosts as contiguous entities, reconciles asset changes from scan to scan utilizing patented correlation algorithms (helping to minimize duplicates or unknown devices), prioritizes vulnerabilities, and automates workflow across the hybrid network to make better risk management decisions, quickly. The SaaS platform delivers unparalleled accurate network and host assessments all the way to intelligent integration with Cisco ISE, forautomating security workflows and policies.

Restricts Devices that May Introduce Risk

Cisco ISE/pxGrid reduces risks and contain threats by dynamically controlling network access. ISE can assess vulnerabilities from the SaaS platform and apply threat intelligence. ISE monitors and denies network access to any device based on known information. United, Cisco ISE will use the vulnerability intel and Security GPA ® scoring intelligence as part of its access decision policies. Providing Cisco ISE with VM scanning intelligence data allows it to take more granular action by restricting access of a device that may potentially introduce risk into the network.

The integration offers a policy for when a new device which has not yet been assessed by the SaaS platform comes onto the network, ISE can request an immediate vulnerability scan. That same policy can restrict access for the given device, until ISE has received the data from Fortra VM, whereupon it would then fall to other policies to determine what actions to take based on the findings.

 

Features:

Visibility

  • As an endpoint attempts to connect to the network, ISE is immediately aware of it
  • ISE requests the most recent scan results forthe endpoint from the SaaS platform
  • Based on not having seen the device before, ISE can request the platform to scan endpoint for vulnerabilities

Automated Scanning

  • ISE can launch a scan from the scan repositorybased on a condition (i.e. has not seen the preexisting device in 3 days on the network)

Policy Enforcement

  • If critical vulnerabilities exist, ISE will quarantine or block the device so it does not become a launching point for advanced threats
  • If vulnerabilities are present on the network foran extended time (e.g. 3 months), an ISE policy may quarantine or block the device

Automated Remediation

  • ISE initializes automated remediation actions,or triggers external remediation via patch management

Solution Brief 

Forescout

The Forescout® platform is a unified security platform that enables enterprises and government agencies to gain complete situational awareness of their extended enterprise environments and orchestrates actions to reduce cyber and operational risk. Fortra VM and Forescout integration helps reduce risk by continuously monitoring both managed and non-managed devices for vulnerabilities without a heavy burden on your network and systems. The integration also enables automated policy-driven actions to proactively combat threats detected and remediate compromised devices.

“We are pleased to partner with Digital Defense and offer our joint customers a leading integrated security solution that reduces risk and helps to keep threats out,” said Amy De Salvatore, VP, global strategic alliances, Forescout Technologies. “Together, we are delivering highly accurate network assessments and intelligent automation of workflow processes and policies.”

Solution Brief | Press Release

IBM QRadar
IBM QRadar users can activate the Fortra VM vulnerability feeds into the QRadar platform to gain improved visibility into security events. This is done by correlating vulnerability and threats through evaluating data accuracy, gaining greater visibility into the risk posture of hosts, to make better, more informed decisions and take appropriate security actions.
 
LogRhythm SIEM

Digital Defense’s SaaS vulnerability management and threat assessment platform identifies high-risk/ critical assets and passive threats, and delivers risk and threat scoring based on active threat intelligence providing unmatched asset context. The platform correlates its own rich data with LogRhythm SIEM information that helps administrators prioritize the patching and remediation of critical assets based on real-time knowledge of risks and actual active threats. In addition, the SaaS VM platform has been built from the ground up to support full multi-tenancy for managed services.

Combine Vulnerability Risk with Threat Data with LogRhythm SIEM Data

LogRhythm SIEM is designed to radically simplify and significantly improve security outcomes and allows security teams to speed the analysis of massive data sets. The LogRhythm Platform enables customers to securely and privately store and analyze large amounts of data normalized for advanced artificial intelligence and machine learning to find threats and orchestrate responses quickly.

By leveraging Digital Defense's open platform to feed on-demand vulnerability and threat scan data into LogRhythm’s SIEM, customers can take advantage of LogRhythm’s machine learning and artificial intelligence capabilities to prioritize and respond to security threats with the added benefit of context for a clearer understanding of risk and threat posture.

McAfee

Learn how our latest Technology integrations with McAfee® ePolicy Orchestrator® and Data Exchange Layer (DXL) can rapidly enhance your pre-existing network security.

“By implementing products that are compatible with McAfee security solutions, our common customers experience faster deployment times and reduced costs,” said D.J. Long, vice president, strategic business development at McAfee. “Security should be easy to manage, so McAfee has taken the steps needed to open up its security risk management architecture and provide customers with the tools to easily manage their multi-vendor security environments. The result is greater protection, reduced risk and increased compliance.”

McAfee ePO™ Solution Brief | Data Exchange Layer (DXL) Solution Brief

Microsoft

Comprehensive Next Generation Endpoint Protection

Active Threat Sweep, integrated with Microsoft Defender ATP puts the power of on-demand agent-less threat detection at your fingertips. Proactively analyze assets for indications of a malware infection before other agent-based security tools can be deployed and thwart attacks that take advantage of dwell time to evade endpoint monitoring. Identify out-of-date or disabled endpoint protections to quickly flag at-risk devices and prioritize investigation and remediation. The combined solution increases Microsoft Defender ATP’s already proven security coverage and efficacy beyond current endpoint detection and response solutions.

Solution Benefits

  • Better visibility and early detection of both passive and active threats
  • Enhanced threat detection by combining targeted active threat scanning with AI-based behavioral anomaly detection, malware signature and file analysis
  • Ability to root out small passive attack artifacts that are extremely difficult to find and planted by attackers for infecting or even re-infecting assets
  • Immediately clean up infections before patching efforts can be implemented
  • Identify out-of-date or disabled endpoint protections to quickly flag at risk devices and prioritize investigation and remediation

Blog Post | Micorosft Azure Marketplace Listing

 

Palo Alto

Cortex XSOAR

With Fortra VM and Cortex XSOAR, Palo Alto Networks customers can now leverage on-demand vulnerability and active threat information to identify, prioritize and quarantine highly vulnerable or infected assets to allow security teams to remediate and patch systems before an infection can spread to other parts of the network.

Palo Alto Networks  | Integration Overview

 

Cortex XDR

With Fortra VM on Cortex XDR, Palo Alto Networks customers can now leverage active threat information, identified by Palo Alto Networks devices, to pro-actively prioritize remediation and patching efforts for systems already under attack.

“Cortex partners can leverage the vast amount of rich data available from across the enterprise to create AI-based innovations that provide more automated and accurate security outcomes to our joint customers,” said Karan Gupta, SVP of Engineering for Cortex at Palo Alto Networks. “We’re proud to welcome Fortra to our expanding ecosystem of developers building innovative apps.”

 

RedSeal
RSA Archer

RSA Archer is the leading enterprise governance, risk and compliance (GRC) solution. Organizations benefit from Digital Defense’s patented scan-to- scan host correlation combined with the RSA Archer IT Security Vulnerabilities Program use case. The scan-to-scan host correlation ensures RSA Archer receives highly accurate and up-to-date information about hosts that have been scanned, allowing the user to make better, more informed decisions when coupled with information presented within RSA Archer.

 

ServiceNow

Many organizations depend on the accuracy of their asset manager and ticketing systems to properly supervise their IT operations and vulnerability remediation programs. Data and documentation frequently become outdated as the tools utilized are not updated or the personnel in charge of maintenance lack the time and resource to do so. Fortra Vulnerability Management infuses the ServiceNow® platform with an automated security management workflow that goes beyond simple import/export mechanics found in other platforms.

With Fortra VM Sync 2.1, a certified integration with ServiceNow, ServiceNow users can be automatically alerted to new security vulnerabilities on their network; utilizing inline workflows to alert, assign, manage and verify remediation all from their ServiceNow platform. Build an effective and efficient security program leveraging the power ServiceNow and the expertise of a next generation security assessment system.

Innovative Application Integration

Built from the ground up to as one of the industry’s most progressive security management platforms, Fortra VM supports automated ServiceNow workflow integrations via Fortra VM Sync 2.1.

The seamless cloud-to-cloud deployment closes the vulnerability security loop from identification to remediation with end-to-end integration of vulnerability management and ticketing. Advanced network scoping, configurable labeling and automated fix verification and patented scanning technology empower and streamline your IT security management program.

Integration Benefits

  • Seamless management of host and vulnerability findings
  • Fully automated ticket workflow
  • Customized ticket creation filters and rules
  • Configurable ticket close and verification
  • Comprehensive description and solutions for vulnerability remediation
  • ServiceNow ticket status reporting
  • Simple to configure and deploy

Leverage superior host identification and discovery technology for your ServiceNow CMDB

 

Want your solution to seamlessly integrate with the industry’s best vulnerability and threat management platform? Join us.

 

Apply to Become a Technology Partner