There are a number of tools available for security assessment testing in the application, system, and network layers of a given information security environment. The problem is that each tool has its own interface and produces results that must be analyzed separately. There is no easy way to combine the results of multiple tools to allow for a consolidated and comprehensive view of the vulnerabilities that exist in a user’s environment and how to manage them. Also, some tools do not allow manual input or customization.
NetSPI has developed a comprehensive testing and reporting product called CorrelatedVM that solves these problems. CorrelatedVM can be rapidly deployed to aggregate, correlate, and manage vulnerability data from multiple testing tools and from multiple layers of the user's environment—code reviews and application assessments; database and operating system assessments; and penetration tests and network assessments. In addition, CorrelatedVM offers a common interface, eliminates overlaps, and supports manual input and analysis verification by both NetSPI consultants and client personnel. CorrelatedVM seamlessly integrates with NetSPI consulting services and client remediation software, and it supports the production of reports customized to a customer's needs. CorrelatedVM is available as stand-alone software as well as SAAS.
