Comprehensive Vulnerability Management is About More than Just Checking Boxes

Analyst firm TAG Cyber recently completed an evaluation of Digital Defense’s Frontline Vulnerability Manager™ (Frontline VM). The solution scored at the highest level “Comprehensive Vulnerability Management Support.”

In addition to meeting  TAG Cyber’s 10 initial criteria --inventory, scanning, configuration, automation, reporting, patching, threat, likelihood, impact, and priority -- a “Comprehensive” solution must address five additional criteria to move from an “Enhanced” solution (2nd highest level) to “Comprehensive” (highest level).

  • Events – “Collect event data and correlate from multiple sources and sensors”
  • Methods – “Support identification and analysis of attack targets and methods”
  • Multi-hop – “Determine presence of vulnerabilities on multi-hop attack vectors”
  • Audit – “Integrate analysis of audit records with vulnerability scanning information”
  • Policy – “Support creation of vulnerability management policy and procedures”

These are important factors in and of themselves. However, the comprehensive designation is not just about the additional 5 criteria. The real accomplishment comes from the fact that all 15 criteria are met or supported in one intuitive solution that provides its functionality seamlessly. That means Frontline VM’s robust feature set is not a clunky combination of add-ons cobbled together like a patchwork quilt nor is the solution retrofitted to provide technology it wasn’t originally intended to provide.

Its comprehensiveness was by design – the product of a company and its engineers who are devoted to excellence in their core competencies.  A pioneer in online pen testing and vulnerability management, Digital Defense is committed to providing our customers solutions that are created with their needs in mind up front, not as an afterthought.


Experience the difference this type of expertise and dedication can create. Try Frontline free today.


About Digital Defense

Our SaaS platform supports Fortra Vulnerability Management, Web Application Scanning, and Active Threat Sweep that together provide:

  • Asset discovery and tracking
  • OS and web application risk assessment
  • Targeted malware threat assessment
  • Machine learning features that leverage threat intelligence
  • Agentless & agent-based scanning
  • Penetration testing for networks, mobile applications, and web applications
  • Compliance management. One of the world’s longest tenured PCI-Approved Scanning Vendors

Our SaaS platform virtually eliminates false-positives associated with legacy vulnerability management solutions, while also automating the tracking of dynamic and transient assets and prioritizing results based on business criticality.

Share This