User Guide
When integrated with the Logpresso platform, vulnerability assessment solutions serve the following purposes:
Asset and Vulnerability Information
When individual security systems such as IPS or WAF detect and block attack attempts, detailed information about internal assets must be reviewed to assess the impact of the attack. For example, even if an IIS web server attack is detected, if the target asset is running an Apache web server or a newer version of IIS without the vulnerability, the attack has no impact. Vulnerability assessment solutions are a highly reliable source of information about the actual configuration and vulnerabilities of assets.
Security Compliance Review
Vulnerability assessment solutions provide automated assessment results for compliance requirements mandated by various regulatory authorities. When compliance reports need to be submitted to security auditors, automated per-asset assessment reports against compliance checklists significantly reduce the workload.
Risk Governance
Vulnerability assessment solutions provide foundational data for ISO27001 control items. This data is combined with threat status, asset value, and checklist responses to measure and manage risk by department and business function.