Automated vulnerability management and remediation
Tufin enables a proactive, contextual and actionable vulnerability program through applications that integrate with your existing vulnerability scanners and leverage their data.
Enabling Your Vulnerability Management Strategy
Organizations need to confirm that new connectivity requests are not granting access to assets with known vulnerabilities - automatically. They also need to mitigate connections to assets with newly discovered vulnerabilities - automatically. Together Tufin’s Vulnerability-based Change Automation (VCA) App and Vulnerability Mitigation App (VMA) vulnerability apps enable both.
Preventing Connectivity to Vulnerabilities
One of the challenges when setting a new security rule or enabling connectivity is ensuring that access is not being granted to vulnerabilities. With the release of the VCA Tufin customers can automatically address this problem by integrating assessments into their existing processes or workflows.
The VCA automatically retrieves scan data from an organization’s vulnerability scanner and reflects the results in the risk assessment step of an access request workflow. Integration is supported with leading vulnerability management solutions including Tenable, Rapid7, Nessus and Qualys. Customers can proactively ensure there are no risky vulnerabilities in the source or destination of assets before provisioning new network access.
The Tufin Vulnerability Mitigation app enables organizations to prioritize remediation and mitigation efforts by enhancing vulnerability scanner output with network insights. By combining vulnerability measures (CVSS and severity) with insights into how these vulnerabilities may be accessed and exploited via the network, you’ll have the context to identify and address vulnerabilities that pose the greatest threat to your critical business assets.
The Tufin Vulnerability Mitigation app provides out-of-the-box integration between Tufin and the most widely used vulnerability management solutions, including Tenable.io, Tenable.sc, Qualys VMDR, Rapid7 Nexpose, and Rapid7 InsightVM.
Automated Risk Prevention
Proactively ensure there are no risky vulnerabilities within source or destination assets before provisioning new network access – automatically.
Risk-based remediation prioritization
Prioritize vulnerability remediation efforts based on exposure of critical assets as well as severity of vulnerabilities.
Use network insights to identify vulnerable assets
Easily assess overall risk to critical assets resulting from vulnerabilities that are both accessible and exploitable.
Easily apply mitigation when remediation is not an option
Automate risk mitigation by blocking access to the critical asset until remediation efforts can be fully implemented.