TrueSight Vulnerability Management overview
This topic provides a brief overview of TrueSight Vulnerability Management. For a more in-depth introduction to using the product, see Using.
TrueSight Vulnerability Management helps you maintain the integrity of enterprise computing and network environments by analyzing and remediating vulnerabilities.
TrueSight Vulnerability Management lets you:
Integrate with the following endpoint managers:
- TrueSight Server Automation
- TrueSight Network Automation
- Microsoft Service Center Configuration Manager (SCCM).
- Import vulnerability scan files into TrueSight Vulnerability Management from popular scanning tools such as Qualys, Nessus, or Rapid7.
- Identify servers not included in vulnerability scans. These gaps in security scans are sometimes called blind spots.
- Automatically map the assets in scans to servers and devices managed with endpoint managers. For assets that do not automatically map, a manual process is available.
- Automatically map the vulnerabilities detected in scans to remediation content. The most common types of remediation content are patches in TrueSight Server Automation, rules in TrueSight Network Automation, and software updates in SCCM. Again, a manual process is also available when auto-mapping does not cover all vulnerabilities.
- Use dashboards to analyze vulnerabilities from a system-wide perspective. Dashboards help security teams identify risks and communicate priorities to operations personnel. Operators can use dashboards to refine their actions so they can remediate servers and devices with the highest priority vulnerabilities.
- Run a simple wizard that generates remediation tasks that execute on endpoint managers. You can generate different types of operations depending on the endpoint manager:
- TrueSight Server Automation—Remediation operations can generate Patch Analysis, NSH Shell, or Deploy Jobs that run in TrueSight Server Automation.
- TrueSight Network Automation—Remediation operations can take corrective actions in TrueSight Network Automation when network rules are violated.
- SCCM—Remediation operations can deploy Software Updates, Applications, and Application Packages.