This Past Week
8/23 - 8/30
  New Vulnerabilities  
1194
 
New Signatures
 
253
Request More Information
Request White Papers
Subscribe to our Free Newsletter
 

Signature Mapping Overview

Operational Challenges without Security Signature Mapping:

  • Stovepipes of information with separate reports from each security discipline
  • No cohesive picture of overall state of security
  • Little cross-reference capability
  • Tedious, manpower intensive analysis required

Technical Challenges that demand Security Signature Mapping:

  • IDS / IPS & Vulnerability Assessment products have no standardized signature naming - multiple vendors use their own naming convention
  • Current vendor initiatives only tie a couple of products together (usually offerings from the same vendor) - best of breed products rarely come from the same vendor
  • Vulnerability Knowledge Bases have limited cross-reference capability - some knowledge bases are more complete than others, and they are all updated at different frequencies

    From Network Computing's Security Pipeline:
    "Although vulnerability dictionaries, such as CVE (Common Vulnerabilities and Exposures), attempt to create some common methods of correlating products, our own investigation of signature sets and vulnerability checks showed a 60 percent crossover rate in best-case scenarios, below 30 percent in others. Doing it 'by hand' is still the only accurate mapping method we know of."

    Not any more...

The Solution:

SecurityNexus invests the time and resources necessary to perform the tedious mapping of security signatures across industry leading products and data sources so you don't have to.  Our security signature mapping solutions enable customers to maximize the usefulness of their existing information security infrastructure and focus on the strategic and operational needs of their organization.  Through a variety of both automated and manual processes, our technical team researches new and evolving vulnerabilities, exploits and attack signatures to map those items to the rest of the SecurityNexus data set.  We then provide that data set to our customers on a subscription basis to be used in their existing security operations in the relational database of their choice.

Because new signatures, exploits and vulnerabilities appear constantly, the SecurityNexus data set is updated continually and delivered electronically and automatically to ensure up-to-date content for our customers without administrative headache.  This standardized signature base currently contains over 150,000 signatures -- the most comprehensive in the industry -- providing a solid foundation to enable more effective reporting and security threat analysis.

In Summary :

  • Signature Mapping Data Set provides standardized security signatures for industry-leading security products
  • Data Set can be imported into any relational database for use with existing organizational standard reporting suites
  • Hourly or daily updates are delivered electronically and automatically to ensure optimum reporting and security threat analysis
  • SecurityNexus data set is the largest in the industry with over 150,000 signatures
 
Contact Us Privacy Policy Copyright Info Site Map