Preventsys Inc., a pioneer in enterprise security management solutions, today introduced the latest version of its Enterprise Security Management system, featuring the new Preventsys Preemptive Threat Defense module. Preventsys Enterprise Security Management (ESM) is the first and only information security process management system that enables organizations to comprehensively identify their security weaknesses at all levels of the organization, prioritize issues, and take intelligent actions to protect themselves before threats become costly security incidents.
The Preventsys Preemptive Threat Defense software module, which was added to the company's latest release of the ESM platform, offers a unique approach to threat prevention by enabling enterprises to effectively create an efficient exposure mitigation and elimination process. Preventsys takes in data from a variety of popular security assessment tools and vulnerability scanners, correlates the information, prioritizes mitigation tasks, and automates security remediation activities across complex, global, heterogeneous networks to eliminate the root cause of exposure. The system pinpoints machines, applications and devices vulnerable to a specific attack, and based on the likelihood and severity of the threat and value of the asset, it enables organizations to make objective, cost-based decisions on how to reduce their exposure and manage the risk of business disruptions. It enables the intelligent management of security risk for the entire organization.
"Cyberattacks are becoming more frequent and continue to evolve; and IT security departments armed only with intrusion prevention and security incident management tools find themselves constantly firefighting and reacting to new incidents and security breaches," said Preventsys CEO Tom Rowley, who was the co-founder and former CEO and chairman of Counterpane Internet Security. "The only way to get ahead of the problem and improve security is to put in place a closed-loop corrective action workflow process automated by a management system like Preventsys. Managing information security with a comprehensive business process isn't a silver bullet, but it is the only way large organizations can accurately measure, forecast and actually improve security over time."
According to Rowley, "Just as SAP created a workflow system for business operations, and Siebel built a system to manage customer relationships, Preventsys offers a workflow system for security - an enterprise-grade management solution that seamlessly links and centrally manages disparate technology products. Companies using the Preventsys system are able to discover, prioritize and mitigate security and compliance concerns across their entire network - maximizing the use of the resources and budgets they have at hand."
The Preventsys system addresses all aspects of the information security lifecycle, from automatically discovering assets, to finding vulnerabilities, violations of business requirements, misconfigurations and insecure network architecture, to issue prioritization based on asset value and exposure levels to specific threats, to comprehensive remediation workflow. It is the only solution that captures and correlates asset exposure and business rules with threats and their potential financial impact to an organization - in terms of actual asset value as well as the potential cost of operational disruption.
"As in all corporate technology markets, a time comes when the innovations at the tactical level must be bound together and managed at a strategic level," said Charles Kolodgy, research director, security products at IDC. "By ensuring greater and more central control of security compliance across heterogeneous global networks, Preventsys is taking an important step toward delivering a complete enterprise security management system."
Key benefits include: