Data Sheet
Foundstone Remediation
Closed Loop Process for Risk Management
Overview
The sheer number of hosts and weaknesses in the modern
enterprise make fixing vulnerabilities a daunting task. When
you consider organizational complexity and the dynamic nature
of networks, the problem of actually fixing machines can seem
insurmountable. Foundstone® Enterprise was designed to
automate and streamline the process of discovering and fixing
vulnerabilities across a large organization. Although many tools
identify security flaws and weaknesses, the real challenge lies
in resolving severe vulnerabilities before attackers exploit
them. Foundstone Enterprise meets this challenge by offering
a fully automated and tightly integrated Remediation Module
that auto-assigns tickets based on discovered vulnerabilities
and auto-closes them once the vulnerabilities have been fixed.
Identifying a weakness and assigning individuals to remediate
it is simply not enough; an automated remediation process
is the key to success. With little manual effort, Foundstone’s
automated approach to vulnerability remediation enables
organizations to easily track and manage the process of
fixing vulnerabilities, saving organizations precious time—
so you can focus on building business value.
that confirms that the vulnerability was actually fixed before
allowing the ticket to be closed.
When the FoundScan Engine, Foundstone Enterprise’s scan
engine, discovers security flaws that threaten an organization’s
assets, the automated workflow initiates the creation of
trouble tickets to enable complete, closed-loop resolution of
the vulnerabilities. Administrators and managers can easily
create one or more rules that will trigger the system to
automatically assign remediation tickets as the tickets are
generated. The ability to auto-assign remediation tickets
saves administrators and managers valuable time by
delegating responsibility to asset owners and holding
them accountable to address critical security weaknesses.
Remediation users can quickly review all assigned vulnerabilities via the centralized Enterprise Manager Web interface.
This allows each user to make appropriate decisions as to
which issues are most critical and should be addressed first.
Each trouble ticket contains detailed step-by-step instructions
for closing the vulnerability, ranging from simple password
changes to applying missing patches.
Fixing vulnerabilities is difficult at times. Given the complexity
of enterprise networks, even straightforward solutions can
fail, resulting in many fixed issues showing up as outstanding
vulnerabilities in subsequent scans. The one-click verification
functionality offered by the Foundstone Remediation
Module allows users to validate that a vulnerability has been
fixed prior to closing the trouble ticket, eliminating the need
to manually verify fixes and reopen a ticket if a fix did not
work. Users can close vulnerability tickets with confidence
because their fixes have been confirmed within the system.
Remediation Module
Foundstone’s Remediation Module provides an intuitive
means of making asset owners accountable for addressing
the security weaknesses discovered by Foundstone
Enterprise. The Remediation Module’s patent-pending
workflow provides security managers with step-by-step
control over fixing vulnerabilities, with automated verification
www.mcafee.com
The Remediation Module can also be configured with
remediation ticket auto-close functionality, whereby open
remediation tickets are automatically closed if a scan finds
that the vulnerability associated with a ticket has been
addressed, avoiding the need to manually close tickets. This
feature allows an organization’s remediation staff to use
their assigned ticket queue as a to do list for addressing
security weaknesses, without having to manually perform
any actions within the Remediation Module to close tickets
after the vulnerabilities have been fixed.
The centralized Web-based Enterprise Manager allows
security management to track the fix process and quickly
reallocate and reprioritize trouble tickets based upon changes
in work load or available resources. Also, you can easily track
Data Sheet
Foundstone Remediation
Page 2
Closed Loop Process for Risk Management
your progress in fixing vulnerabilities using Foundstone’s
comprehensive reporting and search capabilities.
Foundstone Enterprise easily integrates with third-party
help-desk or trouble-ticketing systems such as Remedy
or Clarify. A simple export action will export vulnerability
tickets to the third-party help-desk systems.
McAfee and Foundstone
The combination of Foundstone’s vulnerability management
and McAfee’s intrusion prevention and Secure Content
Management™ solutions together provide the most
comprehensive portfolio of proactive risk management and
mitigation solutions available to protect IT infrastructures.
For more information about Foundstone products and
services from McAfee, please visit us at
www.foundstone.com or www.mcafee.com.
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054, 888.847.8766, www.mcafee.com
McAfee, Foundstone, Secure Content Management, and PrimeSupport are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. The color
red in connection with security is distinctive of McAfee® brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. © 2004 McAfee,
Inc. All Rights Reserved.
1-fs-rem-001-1204