Introduction to SecOps Response
This topic provides a brief overview of BMC SecOps Response. For a more in-depth introduction to using the product, see Using.
SecOps Response is a cloud-based product that helps you maintain the integrity of enterprise computing and network environments by analyzing and remediating vulnerabilities.
SecOps Response lets you:
- Perform a simple onboarding procedure that connects SecOps Response with an on-premise endpoint manager. (An endpoint manager is an application that allows you to manage and modify devices and servers.) Currently SecOps Response can connect to these endpoint managers:
- BMC BladeLogic Server Automation (BSA)
- BMC Network Automation (BNA)
- Microsoft Service Center Configuration Manager (SCCM).
- Import vulnerability scan files into SecOps Response from popular scanning tools such as Qualys, Nessus, or Rapid7.
- Identify servers not included in vulnerability scans. These gaps in security scans are sometimes called blind spots.
- Automatically map the assets in scans to servers and devices managed with endpoint managers. For assets that do not automatically map, a manual process is available.
- Automatically map the vulnerabilities detected in scans to remediation content. The most common types of remediation content are patches in BSA, rules in BNA, and software updates in SCCM. Again, a manual process is also available when auto-mapping does not cover all vulnerabilities.
- Use dashboards to analyze vulnerabilities from a system-wide perspective. Dashboards help security teams identify risks and communicate priorities to operations personnel. Operators can use dashboards to refine their actions so they can remediate servers and devices with the highest priority vulnerabilities.
- Run a simple wizard that generates remediation tasks that execute on endpoint managers. You can generate different types of operations depending on the endpoint manager:
- BSA—Remediation operations can generate Patch Analysis, NSH Shell, or Deploy Jobs that run in BSA.
- BNA—Remediation operations can take corrective actions in BNA when network rules are violated.
- SCCM—Remediation operations can deploy Software Updates, Applications, and Application Packages.