RedSeal Network and Vulnerability Advisor v4.1
Strengths: Rapid implementation, integration to most industry security and network equipment
Weaknesses: No alerting or notification tools for a near real-time tool
Verdict: Decent operational risk solution. Has everything you need to take control of your security posture management
RedSeal Network and Vulnerability Advisor v4.1 is a near real-time risk management solution that uses network and vulnerability data to determine risk and provide prioritised remediation recommendations.
RedSeal Systems security posture management software enables organisations to assess and strengthen their cyber defences. Unlike systems that detect attacks once they occur, it identifies holes in the security infrastructure that create risk before they are discovered by hackers.
RedSeal software analyses and simplifies the complex interaction of firewalls, routers, load balancers and hosts, delivering in-depth understanding of overall security posture, continuous compliance with regulations such as PCI DSS, FISMA and SOX and actionable steps for risk remediation.
Using its understanding of network controls, RedSeal transforms the output of vulnerability scanners into risk-prioritised action plans. It automatically prioritises vulnerabilities based on their exposure to untrusted networks, as well as their ability to enable pivot attacks deeper into the network. It also automatically identifies potential mitigating network controls and can be integrated with GRC frameworks to feed IT risk into enterprise risk management systems.
We loved the reporting capabilities and especially the 'what if' analysis capabilities. It allows you to make a change in the management console and model that change using your network map and configuration data to graphically see how that change may or may not enhance your overall security posture.
The product gives you a great top down view of the network and security posture at an enterprise level and more importantly, the dependencies and interdependencies of each control on others. You will quickly be able to see graphically, how risks may be able to move across your assets or systems using the risk and threat vector overlays on the network topology maps.
RedSeal is available as client side software or as an integrated appliance. The software installs easily and runs on a Windows server and contains everything you need to run it. The ability to learn and map out your enterprise makes deploying it very easy and gets you up and running very quickly. Phone and email support is available on an 8/5 basis for a fee.