Vulnerability management for servers and network devices is a challenging and critical task. Today, a variety of solutions are available for security operations (SecOps) engineers to detect, identify, and remediate vulnerabilities. Since these solutions often provide variable levels of information, like only reporting open vulnerabilities and excluding mitigated vulnerabilities, manual remediation is sometimes required.
The BMC Helix Automation Console is a hybrid solution deployed in the cloud that uses an on-premises automation engine to remediate security vulnerabilities on servers as well as network devices. It integrates with leading vulnerability scanners to collect data for IT resources located on-premises and in the cloud, and works with discovery solutions to identify blind spots that need to be scanned.
After consolidating the vulnerability scanner data collected, the solution uses advanced analytics to transform that data into actionable information, map vulnerabilities to assets and patches, help determine priorities, and automate patch acquisition and deployment to remediate security exposures. BMC Helix Automation Console also offers closed-loop change management, managing compliance with regulations and policies and automating the remediation of out-of-compliance conditions.
With a recent product update, the solution imports, identifies, and closes vulnerabilities, regardless of the scanner, for a single scan or multiple recurring XML scans. Leveraging REST APIs, the solution can also remediate and close vulnerabilities imported using APIs by:
- Previewing and analyzing vulnerabilities that were reported in the previous scan but considered remediated (/api/v2/violations/close/auto-closure/vats/preview)
- Allowing the user to actually close them (/api/v2/violations/close/auto-closure/vats)
Auto-closure of externally remediated vulnerabilities using BMC Helix Automation Console significantly improves the accuracy and status of all open vulnerabilities, helping to keep the vulnerability dashboard clean and up-to date.
To learn more about BMC Helix Automation Console and the vulnerability auto-closure capability, refer to the product documentation.