Vulnerability watch, database, alert and management
- a computer vulnerability watch and a security watch
- a vulnerabilities database for systems and software, with more than 20000 vulnerabilities
- computer vulnerability bulletins available in HTML, txt, XML, PDF and RTF
- detailed analysis of threats impacting applications and networks
- patches and workarounds
- a web space where each user defines its preferences
- a customized tracking of your software and systems
- RSS feeds, alert and synthesis e-mails, to announce vulnerabilities
- a vulnerability management tool, to secure the enterprise network
- a manager view, and customized security reports
Vulnerabilities are discovered daily and published on Internet. These vulnerabilities are quickly used by malicious individuals, and impact the security of your systems.
Companies must implement workarounds, and then install final patches.
Vigil@nce describes daily these vulnerabilities and how to protect your systems.
Vigil@nce offers a database with more than 20000 vulnerabilities and their 30000 associated solutions.
This vulnerability database grows every day.
The Vigil@nce vulnerability watch team publishes technical bulletins containing information on threats and their solutions.
Theses bulletins are available in HTML, text, XML, PDF and RTF formats and contain:
- a title, a synthesis and a description of the vulnerability
- a list of impacted software
- a list of solutions (each one is associated to a software and described in its own bulletin)
- a severity level
- a copy of information sources
Vigil@nce analyzes vulnerabilities, in order to write a pedagogical explanation.
An administrator who understands a threat will efficiently protect his system.
For each vulnerability, Vigil@nce offers the most efficient solutions or patches.
Workarounds are also available.
Bulletins are stored in a vulnerability database and are available on the Vigil@nce web site.
Each bulletin can be found with various search criteria such as the software, the publication date, the severity level, etc.
An administrator account is sent to the subscriber. Then, this administrator can connect to the web site to create user accounts.
Users access to the web site, and read vulnerability and solution bulletins.
Users create or choose perimeters.
A perimeter is a list of products (software, system) to track. For example, a first perimeter can contain Debian Linux and Apache httpd. A second perimeter can contain FreeBSD and Samba.
Each user can filter bulletins depending on chosen perimeters.
Users receive their vulnerability bulletins via synthesis or e-mail alerts:
- according to a predefined frequency (immediate, end of day, end of week or end of month)
- according to a predefined format (HTML, text, XML, PDF or RTF)
- according to a predefined urgency level (severity from 1 to 4)
RSS feeds are also proposed to announce vulnerability notes.
Users plan solutions (patch, workaround) for their perimeters online in a diary (for example, "this patch has to be installed before the 3rd of July"). The manager can also assign tasks to users, in order to manage vulnerabilities.
When a new task has to be carried out, the user is informed. When it is completed, he fills in the diary.
The manager extracts reports containing statistics on the security level of the information system.
Several users can work on the same perimeter: Vigil@nce is a collaborative work environment.
Vigil@nce can be adapted to match your needs, with options summarized below:
- an internet press watch about computer security (cryptography, management, etc.)
- an internet press watch about computer threats (virus, malware, spam, phishing)
- a watch on major viruses and worms
- a French / English bilingual access
- an extension of products to track
- a phone hotline, to answer your questions
- a dvd shipping, to have Vigil@nce's data with no internet connection
- an XML and SQL export, to import Vigil@nce's data into your specific applications
On January 7th of 1999, the Vigil@nce daily watch on vulnerabilities, was created.
In December 1999, Vigil@nce was the first European service to be declared CVE compatible by the MITRE. The CVE (Common Vulnerabilities and Exposures) identifier is used to organize vulnerabilities.
In 2003, the MITRE set up a new certification procedure, and awarded a certificate to Vigil@nce on February 24th of 2004, during the first certification campaign.
Vigil@nce analyzed more than 20000 vulnerabilities and their 30000 associated solutions.
The Vigil@nce daily alert on vulnerabilities service can be used by:
- administrators who secure the network of their company
- auditors who provide security consulting services
- maintenance of security conditions teams who secure the network of their customers
- outsourcing teams who administer the network of their customers
- assistance teams who help their customers to manage their systems
A free trial period is offered to discover our service.