In this blog post we try to give some of the key points that SecFusion is here to help on your journey of struggling with vulnerabilities;

  1. The ability to define and prioritize your assets with the granularity of IP (public and private, yes your DMZ/Intranet IP addresses if you wish so), domain, sub-domains, URLs and sub-URLs
  2. The ability to schedule scans with various pre-defined policies through well-known vulnerability scanners
  3. The ability search, report and interact through found and manually checked vulnerabilities

These are pretty much similar to all continuous vulnerability scan models in the market. However, we have more;

  1. Handle security issues through built-in or 3rd party ticketing systems with AD support and dynamic SLA management.
  2. Automate security workflows including ticket assigment, periodic notifications, escalations, reporting
  3. The opportunity to consume aggregated vulnerability data with uniform naming through out all the scanners
  4. The ability to configure port and service scans and get alarms for any change
  5. The ability to configure domain and ssl certificates monitor scans and get alarms for any change
  6. The ability to configure SSL weakness scan and get a grade of your HTTPS-enabled web domains and, as usual, alarms for any change
  7. To be able to integrate with well-known ticketing environments such as JIRA, ServiceNow, etc.

Here's a top-down SecFusion diagram where one can see most of the workflow details and the journey of a vulnerability through it.