Remediation for security problems

This new product is a good source for remediation scripts.

The vast majority of security scanning tools, be they standalone scanners like ISS Internet Scanner or GFI LANGuard,

or a scanning service like the one from SecuritySpace.com, the results of scanning a Windows system come in the form of a report of potential vulnerabilities, exposures, and so forth, with advice on how to repair same.

Now there may be a way to get more service. At TechEd, (June 1 - 6 in Dallas) a friend of mine ran into an outfit called Citadel Security Software (coincidentally, also based in Dallas) that offers a product called Hercules. Hercules provides what the vendor unabashedly calls "automated vulnerability remediation." In a nutshell, it captures the output from a variety of security scanners, and then fixes the potential vulnerabilities, exposures, and so forth that these tools uncover.

How, you ask. The company says it has a team of engineers who track vulnerabilities, security bulletins, Microsoft security alerts, and so forth, and build automated remediation scripts that can work with Windows NT 4.0 (SP4 or higher), Windows 2000, and Windows XP computers to repair, correct, or otherwise mitigate potential causes of security problems on such machines (Hercules also works with Solaris 2.6, 7, 8, and 9; Red Hat 6.0 through 7.3. Such scripts are called remediation signatures, and are stored in a database where they can be pulled or pushed to a client Hercules server (which then manages delivery to all target systems on the client network(s)).

Hercules says it can currently import vulnerability assessments from numerous security scanners, including the Harris STAT scanner, ISS Internet Scanner and System Scanner, Microsoft HFNetChk, Nessus, Qualys QualysGuard, and the Retina Digital Security Scanner. It can also address multiple classes of vulnerabilities including unsecured accounts, mis-configuration or configuration errors, unnecessary services, backdoors, and software defects resolved by patches, SPs, or hot fixes.

If you're scanning for vulnerabilities, but don't yet have an automated solution to do anything about them, it can't hurt to take a look. Visit www.citadel.com for more information.

This was first published in June 2003

Dig deeper on Endpoint security management tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close