StillSecure VAM V5.0 Integrates Vulnerability Management into IT Infrastructure

Industry’s first vulnerability management platform increases the value of existing IT systems, streamlines security administration, and reduces training and management costs

(Louisville, Colo. – November 15, 2004) – StillSecure®, a leading network security software provider to enterprises, today announced StillSecure VAM v5.0, the industry’s first vulnerability management platform. The VAM platform integrates vulnerability management into other core IT systems including asset inventory, trouble ticketing, change management, security portals, vulnerability databases, compliance reporting, and patch management. The integration dramatically reduces costs and increases the value of existing IT systems while providing a higher level of security.

“The very nature of ‘being connected’ opens up the opportunity for compromise through known or unknown vulnerabilities -- coming from the network, the devices on the network, and the people using the network,” said Dan Keldsen, senior analyst, Delphi Group. “Fortunately, the capabilities and sophistication of solutions such as StillSecure VAM v5.0 help to unify overall awareness of network security by taking into account that vulnerability and patch management is an ongoing process that crosses business ownership and technical responsibility. Now the key organizations within IT can rely and act on the information and processes facilitated through VAM's vulnerability management platform.”

VAM Integration Framework™

New with v5.0 is the VAM Integration Framework™, a suite of open application programming interfaces (APIs). The VAM Integration Framework allows for the import and export of data to and from VAM, the ability to control vulnerability workflow processes within VAM’s exclusive Vulnerability Repair Workflow™, and the manipulation of data objects in VAM’s database.

StillSecure VAM and the VAM Integration Framework create an end-to-end vulnerability management system that provides a systematic approach to finding, tracking, and repairing network vulnerabilities. With the release of v5.0, VAM can be implemented as a standalone vulnerability management system, or it can be embedded into the existing IT environment using the VAM Integration Framework.

"With StillSecure VAM v5.0, vulnerability management no longer needs to be an isolated security process that resides on the fringe of mainstream IT,” said Mitchell Ashley, CTO of StillSecure. “Using the VAM Integration Framework, customers leverage existing investments by embedding vulnerability management into their core IT environment. The end result is tighter security, comprehensive vulnerability tracking and management, and an overall improvement in IT efficiency and productivity.”

In addition, VAM v5.0 serves as a command center that provides a single, integrated view of all vulnerability data – both VAM-generated data and data from external systems such as third-party scanning tools and patch management solutions. Other security data such as IDS/IPS events and firewall logs can also be integrated into VAM.

Also new in v5.0:

  • Flexible, dynamic device management – create dynamic device collections based on user-defined criteria to build flexible groups based upon any device attribute

  • Multiple browser support – added support for Mozilla Firefox 0.9.3 and Mozilla 1.7 in addition to previously supported Internet Explorer 6.0

  • Authenticated proxy support – place VAM behind an authenticated proxy to obtain information including rule updates, license validation, and software updates via the Internet

  • Streamlined licensing – customers now have a single VAM license based on total number of IPs

Pricing and Availability

StillSecure VAM v5.0 is available immediately from StillSecure or through any of its authorized resellers. It is sold on an annual subscription or purchase-plus-maintenance basis that includes product upgrades, rule updates, and engineer-delivered customer support. VAM is available as a software appliance (includes hardened OS) or as a preconfigured integrated hardware appliance.

About StillSecure

StillSecure provides cost-effective, easy-to-use network security software products for IT and security professionals at security-conscious enterprises. The StillSecure suite reduces the risk and liability of damages from network attacks and tangibly increases the productivity and effectiveness of your resources. For more information please call (303) 381-3830, or visit http://www.stillsecure.com.