FusionVM SaaS
Manage Security, Reduce Risk, Sustain Compliance
FusionVM SaaS from Critical Watch enables organizations to reduce risk and sustain compliance
by automating Vulnerability Management and Security Configuration Policy Compliance through an
on-demand service. Using this subscription based Software-as-a-Service (SaaS), you can simply log into
a secure web portal and profile your asset inventory, set risk and configuration policies, view a variety
of risk and compliance reports and track remediation progress. Easily deployable, FusionVM SaaS
allows you to quickly begin the risk and compliance management process with minimal effort.
Benefits: Deployable, Intuitive, Low Cost of Ownership
» Hosted service infrastructure is updated and maintained by Critical Watch
» Full encryption provides total data protection
» Flexible subscription pricing model means you pay based on what you use
» Continual intelligence feeds correlated against your asset profile enable you to maintain a preventive stance
» Dynamic Web-based reports are updated with each scan
» Remediation workflow manages the mitigation process
» Security risk and configuration policy tracking support regulatory compliance
Features: End-to-End Security Risk and Compliance Management
Vulnerability Management—FusionVM automates this key risk and compliance process in a way that is uniquely optimized for your business needs and regulatory requirements.
Discover and Classify Critical Assets
» Evaluates both active and inactive hosts
» Detects wireless access points
» Catalogs network devices, servers, printers and desktops
» Lists installed applications
» Identifies standard and non-standard open ports
» Identifies known and unknown services
» Provides search capability of asset and configuration reports
Determine Risks to Key Assets
» Broad based assessment coverage addresses network, Web application and database vulnerabilities in a single platform
» Credentialed scanning identifies missing patches for Windows, Unix & Linux
» Bandwidth utilization is managed through configurable throttling
» Flexible scheduling to fit operational and business objectives
» Operational Windows enforce acceptable time periods for scans
» CVE-compliant vulnerability database displays CVE number in exposure detail descriptions
Track and Audit Exceptions
» Suppress acceptable risks from reporting and remediation workflow
» Capture the audit trail including original exception author, reason, creation date, expiration date and complete history
» Port customization avoids scanning sensitive ports or custom applications
» IP exceptions list tracks specific hosts to be omitted from scanning entirely
Manage Remediation Workflow
» Flexible assignment capability allows Managers to search available exposures by multiple parameters to create tickets
» Tickets can be assigned individually or to groups
» Managers can view all current assignments along with status, severity and past due flags
» Technicians can view “My Assignments” to access assigned tickets
» Due dates enable enforcement of policy on acceptable remediation time windows
» Complete ticket history is viewable
» Easily accessible Web links to available manufacturer patches or workarounds as well as original advisories provide detailed solution steps
View Risk Metrics with Flexible Reporting
» Reports and Risk Scores are dynamically mapped against the user defined organizational tree structure
» Flexible drill-down/roll-up format from any tree location
» Trend analysis establishes baselines, then facilitates performance measurement over time
» Historical reporting fulfils audit requests
» Report types cover summary charts and trending, vulnerability details, system profiles, variance over time, open and unknown services and early warning alerts
» Report tab export options include Adobe Acrobat, MS Excel, HTML, TIFF, XML and CSV
» Reports are searchable, by exposure and by known and unknown service
Prevent Threats with Continual Alert Feeds
» Passive alerts are correlated against the most recent asset profile and delivered to the responsible administrator on the same day
» Alerts are Web-based as well as sent via encrypted email
» Alerts identify affected machines, detail severity, likelihood of exploit, skill level needed to exploit, and provide links to references, fix instructions or available work around
Administer Feature and Reporting Access with Enterprise Permissions
» Hierarchical tree provides the fundamental permission and reporting structure and can be built around division, platform, asset type, business role of asset, regulatory requirement, audit requirement or any other business meaningful structure
» Flexible permissions management provides both fine grained and templated approaches to user and group administration
» Visibility and Access further tailors user levels by hiding or displaying functional tabs based on required role
» Defines stakeholders’ asset responsibility and accessibility to different features and functionality
» Enables distributed operational autonomy without sacrificing central oversight
» Delivers ability to align security efforts with business priorities while supporting regulatory and policy compliance
» Permits auditing of user log in activity
Asset Management—FusionVM facilitates an effective understanding of your enterprise environment with automated discovery, flexible asset naming and detailed tracking.
» Dedicated asset management database for organizing, editing and tagging assets
» Detailed asset tagging capability to apply user specific labels for assets created in FusionVM
» Asset tags include standard options as well as ability to create custom tags
» Search asset database with Asset Management permissions
» Rogue device tracking to detect unknown hosts
» Track asset ownership in static or dynamic environments
Security Configuration and Policy Compliance—Agentless scanning enables a closed loop process for setting vulnerability and configuration policies based on business and regulatory requirements and then validating ongoing compliance.
Vulnerability and Risk Policy
» Policies can be applied to an asset or groups of assets
» Enforce and track policies associated with age of vulnerabilities, scan frequency, risk scores and remediation status
» Measure risk on key compliance related asset groups through the Risk Scoring component
Security Configuration Policy
» Credentialed discovery validates optimal secure configurations
» Over 200 Windows Policy Checks ensure compliance with industry standards
» Policy categories address Service Packs, Major Auditing and Account Policies, Minor Auditing Policies, Event Log Settings, Major Security Settings, Available Services, User Rights, Minor Account Policies and Minor Security Settings
Compliance Dashboard
» Provides a global view into overall compliance status
» Asset-specific and policy-specific views to quickly pinpoint and mitigate key violations
» Auditable reporting enables compliance on key asset groups relating to Sarbanes-Oxley, HIPAA, GLBA, PCI, FISMA, and other standards
» View Compliant and Non-Compliant Dashboard for most compliant or non-compliant assets, operating systems, or policies
» View compliance or non-compliance by custom asset tag views
» Compare compliance status across assets, operating systems or policies
» Reporting provides visibility to disallowed applications and services
» Flexible permissions enable view to specific assets for compliance dashboard access only
VM Server—Internal Network Coverage
» Remotely managed appliance provides coverage of internal networks through a hardened, secure solution.
» Establishes an encrypted outbound connection to the Critical Watch Secure Center through a configurable port or proxy.
Service & Support
Critical Watch provides the following support services for FusionVM SaaS:
» Training
» Early warning intelligence alert feeds for new vulnerabilities
» Scanning toolkits, vulnerability library and policy library updates
» Portal software updates
» Customer support (24x7x365)
About Critical Watch
Critical Watch is a leading provider of patented security risk management and compliance solutions that enable
a comprehensive business process for integrating vulnerability management and security configuration policy
compliance across the enterprise. In addition to its FusionVM suite of appliance-based and
Software-as-a-Service (SaaS)-based solutions, Critical Watch provides PCI Compliance services as an Approved Scanning
Vendor. Critical Watch clients are Global 2000 enterprises across verticals such as healthcare, financial services,
state and local government, ecommerce and manufacturing. FusionVM empowers organizations to:
» Efficiently and effectively manage business critical risks across the enterprise
» Establish better visibility, measurability and control over their risk and compliance process
» Coordinate and embed a preventive process across all operational groups
» Validate regulatory and policy compliance
4201 Spring Valley Road, Suite 1400 • Dallas, Tx 75244
1.866.525.8680 • 214.623.5600 • info@criticalwatch.com