Security enablement and vulnerability management

Despite attempts to improve security in software coding practices, the number of disclosed vulnerabilities divulged in popular software products continues to rise, especially vulnerabilities affecting Web applications. The increasing risk to these applications requires constant vigilance from IT and security groups even as costs rise, as well.

IBM offers a number of solutions, ranging from managed security services and consulting security services to industry-leading software and hardware products from IBM Internet Security Systems (ISS), that can help you manage these vulnerabilities. Combining best of breed security appliances and software, expert training and instruction, and services that can help you take back control of your IT management practices, IBM helps enable effective security measures that meet your needs today and in the future.

IBM Security Enablement and Vulnerability Management Services include:

• Emergency Response Services: IBM ISS Emergency Response Services include immediate incident management and attack response services from the emergency response team, as well as computer data analysis, discovery and litigation services. Our expert consultants are available to help support criminal, civil, and administrative matters resulting from an information security breach.
• Information Security Assessments: IBM security consultants will conduct thorough evaluations of your existing security architecture, policies and processes, based on the ISO 17799 standard and industry best practices.
• Supervisory Control and Data Acquisition (SCADA) Assessment: IBM security consultants with special expertise in SCADA networks assess and analyze the vulnerabilities of your SCADA systems to identify security gaps and work with you to implement any necessary protection solutions.
• Penetration Testing: Penetration testing services from IBM Internet Security Systems (ISS) help you quickly assess the security posture of your networks by safely identifying vulnerabilities before they are exploited. IBM security consultants use real-world exploitation scenarios to demonstrate how attackers can gain access to sensitive data or systems and significantly impact your business.
• Payment Card Industry (PCI) Assessment: IBM is one of the only vendors in the world certified to perform all PCI assessment services globally. IBM security consultants can help guide your organization through the entire PCI compliance process.
• IBM Proventia Management SiteProtector: IBM Proventia Management SiteProtector helps reduce the burden of security management through centralized control of a broad array of network security agents and devices. SiteProtector can help you unify the management of IBM platform offerings across gateways, networks, servers and desktops, as well as select third-party security solutions, using a single console.
• Vulnerability Management Service: The IBM Vulnerability Management Service combines a managed scanning service with expert workflow and case management to identify vulnerabilities in your network infrastructure and protect them from intrusions that could potentially damage your business.
• Vulnerability Management Scanners: For organizations that prefer to manage security operations in-house, IBM ISS offers a suite of vulnerability management scanners. These scanners conduct automated and continuous scanning to identify vulnerabilities in your network infrastructure that could potentially damage your business.
• X-Force Threat Analysis Service (XFTAS): XFTAS, an e-mail subscription service, is a single source of up-to-the minute, customized security information delivered directly to your inbox. Each notice contains expert analysis and correlation of global security threats along with actionable data and recommendations that help you maintain your network security.