Leading VM solutions providers include Tenable Network Security, Qualys, Core Security, IBM, Rapid7, AlienVault, Tripwire, Skybox Security, HP, Intel Security, EMC, Symantec, Secunia and more.
Monolina Sen, senior analyst in Digital Security at ABI Research, said: “While security flaws, such as Heartbleed, affected industries globally, lesser-known vulnerabilities have just as much impact on critical systems in a particular enterprise.”
The increasing use of next generation technologies, like cloud computing and big data, are bound to introduce new vulnerabilities. SaaS (software as a service) providers have the highest number of vulnerabilities on average, followed by the financial services industry.
Design flaws and weaknesses affect a software vendor’s reputation, as well as a supplier’s bottom line, as frequent patches represent a major financial burden.
Groups such as the Health Insurance Portability and Accountability (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH), PCI Data Security Standard (PCI DSS) and Sarbanes-Oxley (SOX) mandate rigorous VM practices.
The ideal VM solution would include capabilities for asset management, vulnerability assessment, configuration management, patch management, remediation, reporting and monitoring. It would also integrate well with third-party technologies, said ABI Research.