Frontline VM provides vulnerability management services that help organizations identify vulnerabilities on their network and manage their swift remediation.
New features that have been recently added include:
- Improvements to business groups
- Enhancements to reporting
- Credentials validation
These new features allow IT administrators to perform scans remotely, receive real-time reports on system vulnerabilities detected, and report them to third-party vendors for further action.
Improvements to Business Groups
The first significant upgrade in this release was the enhancement of business groups for data segmentation. This improves an organization's ability to restrict asset visibility by group membership. Previously, data segmentation was done only by IP definition. While functional for limiting access, it lacked flexibility.
Business groups allow organizations to create logical breakouts of asset ownership to follow the principle of least privilege. Business groups can be restricted by office locations or more granular by departmental or team. Additionally, business group members can now be dynamically assigned. Assets within predefined criteria will be added to business groups as they are discovered via scans. With this solution, individual users will only have access to the assets and results that are relevant to their work without being able to see assets and data outside of their permissions. This closes a security gap from insider threats or stolen credentials, decreasing the overall threat landscape.
Reporting is one of the core functionalities of any vulnerability management solution. These recent reporting upgrades have added significant quality of life and streamlining functionality to make reporting even easier for organizations.
Previous incarnations of the solution had reporting as a manual process that users executed on-demand. While this met the needs of most organizations, it was still an additional step that had to be completed. Our latest release has both scheduled and completion-triggered reporting to automate this common task. With scheduled reporting, your organization can set the filters ahead of time and then define a set cadence such as weekly or monthly to generate a report. With completion-triggered reporting, organizations can select a preferred report or reports to be auto-generated when a scan finishes, removing an additional step for users.
In addition to automatic report generation, organizations can now select to have reports emailed to them on completion. This functionality is not enabled by default, and organizations must opt-in specifically to have it available to them. To increase the security of this process, we will also be adding a passwording capability in the next release to ensure that even misaddressed reports are not accessible to those without appropriate access.
Authenticated Credential Validation
Credential management can be challenging. A simple typo could derail anticipated scan results and delay the identification or validation of vulnerabilities.
With our new credential testing feature, a user can immediately test whether the credentials entered into the system are valid or not. This feature is built right into the process of adding new authentication credentials for scanning. In addition to identifying the use of a set of credentials globally for the account, users can now check the validity of the credentials before utilizing them in an authenticated scan. One more way to improve time to accurate results.
The Vulnerability Management Landscape
These updates are some of the most requested by our valued customers and partners. Their feedback helps us develop Frontline VM into an even more powerful security tool.
If you’re new to Frontline VM and would like to see what it can do for your organization, set up a demo or 14-day free trial and see how we can help you strengthen and streamline your cybersecurity.
About Digital Defense
Our Frontline.Cloud SaaS platform supports Frontline Vulnerability Manager™, Frontline Web Application Scanning™, and Frontline Active Threat Sweep™ that together provide:
- Asset discovery and tracking
- OS and web application risk assessment
- Targeted malware threat assessment
- Machine learning features that leverage threat intelligence
- Agentless & agent-based scanning
- Penetration testing for networks, mobile applications, and web applications
- Compliance management. One of the world’s longest tenured PCI-Approved Scanning Vendors
The Frontline.Cloud platform virtually eliminates false-positives associated with legacy vulnerability management solutions, while also automating the tracking of dynamic and transient assets and prioritizing results based on business criticality.