Risk Management as Managed Service

  • Automated risk identification through provided hardware appliance and specific software
  • No installation necessary by the company
  • Configuration according to specific needs and conditions
  • No trainings or certification workshops necessary for employees

Automated Risk Detection

  • Vulnerability Assessment System (VAS) for internal and external vulnerability scans reveals a 360-degree view
  • Real-time monitoring of network data flow (Network-based Intrusion Detection System – NIDS) and analysis and identification of network anomalies
  • Host-based Intrusion Detection System (HIDS) for the identification of risks on hosts and devices
  • Centralized Security Information & Event Management (SIEM)
  • Aggregation of events and information from all areas (VAS, HIDS, NIDS, SIEM)
  • Identification of risks via state of the art Correlation Engine and continuous enhanced policies
  • Real-time alerting on the basis of set thresholds

Risk Assessment by Experts (Risk Intelligence)

  • Risk analysis and assessment by experts based on the results of the automated risk detection
  • Clear exposition of risks and guidance for their remediation
  • Different Risk Intelligence intervals eligible (daily/weekly/monthly)

Active Guidance for Risk Remediation

  • Remediation of risks easily comprehensible due to overall risk remediation workflow
  • Feedback system for communication with experts during remediation of incidents
  • Optional fire-fighting in emergency situations

Comprehensive Information Center & Reporting

  • Cockpit with extensive statistics: vulnerabilities, anomalies, network data,  scans, services, assets, and many more
  • Inventory of identified assets within the network and generation of asset profiles
  • Customizable organization of assets and networks into groups as well as search function for all assets
  • Distinct dependences among services (e.g. Email, web server, fileserver) and also vis-à-vis assets (e.g. hosts, router) are highlighted
  • Role-based reporting (Management, CISO, Head of IT, Security experts / IT staff)

Security / Scalability

  • RadarBox as hardened system with encrypted end-to-end communication
  • Multiple encryption (VPN, SSH tunneling, SSL) for access to the RadarBox
  • Particularly suitable for distributed environments by allocating functions to different RadarBoxes

Interoperabiliy / Automated Updating

  • Integration with other leading solutions e.g. for SIM and helpdesks
  • References to the Common Vulnerability Scoring System (CVSS)
  • Software updates via a central Update Service through a secured connection
  • Rules for risk identification and correlation always up to date