NetIQ Vulnerability Manager Listing updated: July 25, 2006

NetIQ Vulnerability Manager ensures that you are identifying the latest system vulnerabilities and complying with corporate and regulatory policies to manage information security risk. NetIQ has teamed with TruSecure to provide you with information on vulnerabilities and exploits through our AutoSync capabilities in Vulnerability Manager. AutoSync provides a common pipe for publishing and delivering vulnerability knowledge as well as other security-related content including patch databases, regulation templates and even sample policy templates. AutoSync can be configured to pull new updates hourly, daily or in the middle of the night to ensure that your vulnerability scans aren't using stale knowledge. NetIQ provides checks to evaluate the most common security controls. Additionally, NetIQ Vulnerability Manager provides templates organized by regulations such as Sarbanes-Oxley, HIPAA, FERC and GLBA or by best practices such as SANS Top 20, Center for Internet Security, workstation hardening and other operating system baselines. Controls assessments can be run as-needed or scheduled to occur regularly to ensure on going policy compliance. Reports highlighting your most critical and most at-risk systems, provide summaries. NetIQ Vulnerability Manager has the power to identify missing patches on Windows, Unix and Linux platforms. Moreover, NetIQ Vulnerability Manager assists patch management efforts on Windows workstations and servers by assessing automatic update settings and identifying patch installation failures and other events related to patch deployments.

Company: NetIQ Corporation
URL: www.netiq.com
Email: info@netiq.com

Users' Rating: 4 [22 votes] - Vote

Comments

May 8, 2003 - Powerful Comprehensive Vulnerability Scanner w/ superb features... by L. Rivera,: - It's easily one of the fastest scanners around - Large scan with Nessus and ISS took 10 hours, with Security Analyzer the scan took 2 hours.
- Contains a large number of different types of scans (web services, user account, port scan, system inventory, password analysis, configuration hardening, etc.)
- The product has the best looking reports available with an export feature to move scan results to XML. You can import the XML into the provided Access database and any SQL Server.
- Rich customization features, including the ability to write your own security tests using VB.NET, JScript.NET and PERL. I easily wrote several tests to capture additional Inventory ID and location data we specifically use in our company.
- Agents are optional. It uses an impressive hybrid (network and host-based) scan engine designed to allow accurate,more reliable testing of a target host over the network – no need for both host- and network-based scanners, you get both in one package. Reduced the rate of false-positives I encountered when using Nessus and ISS (both are network only scanners).