Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved »Foundstone Enterprise 4.0 Detailed Product Presentation.


1 Foundstone Enterprise 4.0 Detailed Product Presentation

2 Agenda
»Foundstone Solutions
»Truly Enterprise-Class
»Asset-based Vulnerability Management
»Unmatched Assessment Horsepower
»Life-cycle Threat Management
»Stream-lined Remediation
»Measurement & Benchmarking
»Interoperability: Foundstone Link
»Total Cost of Ownership
»Competitive Comparison

3 Foundstone Product Family
»Foundstone Enterprise v4.0
  –Enterprise-class, award-winning vulnerability management system
  –Options include:
  –Remediation Module
  –Threat Correlation Module
  –Appliance-based
  –Feature-rich and the most scalable risk management system available
  –Low cost of ownership: automated download and installation
  –All updates Foundstone tested & approved
»Foundstone On-Demand Service
  –Hosted system engineered to manage and mitigate risk
  –Integrated threat intelligence alerts and correlation
  –Zero-deployment; no administration or maintenance
»Foundstone Professional TL
  –Designed for consultants and auditors
  –Enterprise-class functionality and scalability

4 The Foundstone Vulnerability Management (VM) Lifecycle
Risk = A x V x T C C C C

5 Enterprise-Class
»Web-based, centralized management
»Hierarchical user account system supports even the most complex organizations
»Flexible role-based access control for scanning & remediation
»Unprecedented performance & reliability: unique scanning architecture

6 Enterprise-Class Features & Benefits
»Web-based, centralized management
»Automated vulnerability, threat and knowledgebase updates from Foundstone
»Safe and lightweight: built-in scan traffic load balancing
»Graceful handling of latency issues and network disruptions

7 Enterprise-Class Features & Benefits
»Hierarchical model supports even the most complex organizations
»Easy, delegated administration using Workgroups for offices, regions, etc.
»Flexible role-based access control for users
»Granular permissions for scans, remediation

8 Enterprise-Class Features & Benefits
»Unique parallel architecture allows many scans to execute at once on a single engine
»A single scan is automatically distributed into multiple subscans for enhanced scan performance
»Scan recovery with no data loss due to batch-based design

9 Asset-Based Vulnerability Management
»Driven by agent-less asset discovery
»Classify using detailed, flexible criteria
»Scan by business function, geographic region, etc.
»Tickets can be automatically assigned to group asset owners
»Asset criticality can be used to focus remediation tasks on the most important systems

10 Asset Classification Features & Benefits
»Driven by agent-less asset discovery
»Classify using detailed, flexible criteria
»Assign group properties such as asset owners & criticality values

11 Asset-Based Scanning Features & Benefits
»Create scans by asset value or owner
»Easily include/exclude hosts based on OS, name, and other properties
»Scan by business function, geographic region, etc.

12 Asset-Based Remediation Features & Benefits
»Tickets can be automatically assigned to group asset owners
»Asset criticality can be used to focus remediation tasks on the most important systems

13 Assessment Horsepower
»Deep, agent-less assessment across all layers of infrastructure
»Discovers and analyzes every system on the network, from database to router
»Uses patent-pending OS identification and vulnerability analysis techniques
»Based on the customizable Foundstone Scripting Language (FSL)
»Unprecedented ease of use:
  –One-click quick scans
  –One-click scan performance / bandwidth optimization

14 Assessment Horsepower Beyond Traditional Vulnerabilities: Specialty Assessment Modules
»Windows Module
  –Patch & policy testing
  –Trojan & spyware detection
»Wireless Module
  –Discovery of access points & clients
  –Mapping & vulnerability analysis
»Web Application Module
  –“Unknown” vulnerabilities within custom web apps
  –Crawls, inventories & then intelligently analyzes
  –Examples: source code disclosure, SQL error handling, weak usernames and passwords, “hidden” sensitive files and archives

15 Life-Cycle Threat Management
»Intelligence alerts on critical breaking threat events such as worms and exploits
»Faster than a check – shows threat impact immediately without running another scan
»Risk-ranking of assets prioritizes threat response so that the most important hosts are protected first
»Threat response benchmarking by business unit
»Measures response efforts vs. an established remediation goal

16 Threat Monitoring Features & Benefits
»Intelligence alerts on critical breaking threat events such as worms and exploits
»Automatically updated on a daily basis
»Alert correlation rules show how a threat event will impact your networks

17 Threat Analysis Features & Benefits
»Faster than a check – shows threat impact immediately without running another scan
»5-factor correlation displays results by likelihood of a successful attack
»Risk-ranking of assets prioritizes threat response so that the most important hosts are protected first

18 Threat Scanning Features & Benefits
»Correlation results feed rapid threat scans or remediation activities
»Threat scans easily created for a single or several vulnerabilities
»Threat scans complete quickly, even for large Class B and A networks
»Alerts can be sent directly to staff pagers via email

19 Threat Benchmarking Features & Benefits
»Threat response benchmarking by business unit (e.g. geographic region, workgroup, office) or operating system
»Progress automatically updated based on enterprise remediation efforts
»Effective comparison model: set up by administrator, seen by all users to gauge status versus peers

20 Threat Compliance Tracking Features & Benefits
»Measures response efforts versus an established remediation goal
»Progress measured in % of compliance, based on # of vulnerable hosts for one or many threat events
»Graphs easily downloaded or modified for on-the-fly reporting

21 Stream-Lined Remediation Workflow
»VM Pioneers: Introduced integrated remediation workflow in early 2002
»Vulnerabilities automatically turn into easily managed tickets
»Rules-based automatic ticket assignment using multiple, flexible criteria
»“Ignore” vulnerability feature allows for creation of policy exceptions
»Closes tickets for fixed vulnerabilities with no manual intervention

22 Automatic Ticket Creation Features & Benefits
»VM Pioneers: Introduced integrated remediation workflow in early 2002
»Vulnerabilities automatically turn into easily managed tickets
»Comprehensive control over ticket creation by scan / vulnerability severity
»Establishes accountability: the key to getting vulnerabilities fixed

23 Automatic Ticket Assignment Features & Benefits
»Rules-based automatic ticket assignment using multiple, flexible criteria
»Automated export of tickets to 3rd party helpdesk systems (e.g. Remedy)
»“Ignore” vulnerability feature allows for creation of policy exceptions

24 Automatic Ticket Closure Features & Benefits
»Closes tickets for fixed vulnerabilities with no manual intervention
»One-click verify scans to confirm fixes
»Comprehensive searching feature enables simple remediation progress analysis and tasking

25 Measure and Benchmark
»FoundScore: intuitive 0-100 security scoring system based on vulnerabilities and asset criticality
»MyFoundScore: customizable scoring that matches your policy
»Risk Score: immediately visible statement of overall enterprise risk level
  –Considers impact of breaking threat events on assets and existing vulnerabilities
»Interactive, executive dashboard for comparing business units/regions, platforms and tracking key statistics

26 Interoperability: Foundstone Link
»Open architecture leverages current technology investments
  –Seamlessly integrates with existing database, network & system management solutions
  –Open database design works with 3rd party reporting tools & custom SQL queries
  –Web services-based
»API set to allow external applications to leverage the power of FoundScan engines
  –Scan creation, scan management, scan results access
»Authentication API for use with Netegrity Siteminder, RSA SecurID, LDAP and other technologies
»Support for standards such as CVE, IAVA, & SANS/FBI Top 20

27 Total Cost of Ownership
»Focus on interoperability and management results in overall low TCO
  –Vulnerabilities, threats and system can be automatically updated
  –No appliance patches to test or install
  –Does not require additional staff or skill sets
»Comparison of TCO against competing vulnerability management services results in significant savings over a 5-year period

Year       Foundstone   Competitor   Difference
1st year   $187,747     $140,079     $58,845
2nd year   $240,494     $275,646     ($37,698)
3rd year   $293,240     $411,213     ($134,241)
4th year   $345,987     $546,780     ($230,784)
5th year   $398,734     $682,347     ($327,327)

Numbers based on projected pricing for a 10,000 system environment, HW/SW/Services included

28 Competitive Comparison
Columns: Capability, FStone, nCircle, Qualys, Tenable, eEye, ISS
Capabilities compared:
»Enterprise-Class
»Assess. Quality/Depth
»Flexible, Open Arch.
»Threat Corr. Module
»Risk Mgmt. / Metrics
»Full, Flexible Reporting
»Robust Remed. Module
»Full User System / RBAC
»Compliance Reporting
Legend: - Full capability - Some capability (blank) – No capability

