Samclarke80
Newcomer II

Vulnerability Management

Hi There, I'm a Security Analyst and have just taken on a new role a few months ago.  I work for a small organisation (220 staff, 15 IT staff) and we have a variety of apps that report on vulnerabilities.  To begin with I am trying to discover all our vulnerability sources, what vulnerabilities they currently have and their severity.  So I have exports of detections to date from a vulnerability scanner, endpoint protection tool, pen test results, Web Application Security Scanner and a manually created list of vulnerabilities in the admin tools that we use, including users as a vulnerability too.  My question is what is best practice in taking all these data sources and managing them in one place that is not a spreadsheet?  Are there any free/low-cost tools that can accept data from all these sources, display them and then allow me to track the remediation?  Qualys is a good tool for tracking remediation and reporting but I cannot import other data into it.  What do other people do?

15 Replies
Samclarke80
Newcomer II

Thanks, yes perhaps an in-house solution might be possible although our developers are flat out.  Exporting spreadsheets is the way forward for now until I can get agreement on extra resources or extra finances!

JeffOdegard
Viewer

There is a free, open source tool that isn't very widely known yet, which solves some of your problems.  The best part is that it's extensible, so we can add parsers for any number of sources.

https://sourceforge.net/projects/sagacity/

Please let me know if I can help in any way.

 - Jeff

Jeff A. Odegard, CISSP, CPT, C|EH

jeff.odegard@CyberPerspectives.com
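The original question asks how to pull findings from several sources (host scanner, web-app scanner, pen test report, manual admin-tool review) into one place and track remediation, and the reply above points at an extensible, one-parser-per-source design. The following Python script is an added example written for this thread; it is not code from the thread, from Qualys, from Desktop Central or from the Sagacity project. The CSV and JSON-lines layouts, column names and severity labels are all assumed for the example, and the sample exports are constructed. It shows the pattern a small team can start with: a parser function per source, a common severity scale, merging on (asset, vulnerability id) so the same issue reported by two tools becomes one record that remembers both sources, and a separate remediation tracker layered on top.

```python
"""Constructed example: merge vulnerability findings from several export formats
into one normalized register and track remediation outside a spreadsheet.
Every input format below is assumed for the example, not a real vendor layout."""
import csv
import io
import json
from dataclasses import dataclass, field
from typing import Callable, Dict, Iterable, List

# Common severity scale used by the register, whatever vocabulary a source uses.
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}

# Assumed mapping from each source's own labels (numeric 1-5 or words) to the scale.
SEVERITY_MAP = {
    "5": "critical", "4": "high", "3": "medium", "2": "low", "1": "info",
    "critical": "critical", "high": "high", "medium": "medium", "moderate": "medium",
    "low": "low", "informational": "info", "info": "info",
}

@dataclass
class Finding:
    source: str          # tool or process that reported it
    asset: str           # host, URL or account the finding applies to
    vuln_id: str         # CVE, scanner id or a stable slug for manual entries
    title: str
    severity: str        # a key of SEVERITY_RANK
    status: str = "open"
    sources: List[str] = field(default_factory=list)  # every source that saw it

def normalize_severity(raw: str) -> str:
    key = raw.strip().lower()
    if key not in SEVERITY_MAP:
        raise ValueError(f"unknown severity label: {raw!r}")
    return SEVERITY_MAP[key]

# One small parser per source: supporting a new tool means adding one function here.
def parse_host_scanner(text: str) -> Iterable[Finding]:
    """Assumed host-scanner CSV: ip,qid,title,severity (1-5)."""
    for row in csv.DictReader(io.StringIO(text)):
        yield Finding("host-scanner", row["ip"], f"QID-{row['qid']}",
                      row["title"], normalize_severity(row["severity"]))

def parse_web_scanner(text: str) -> Iterable[Finding]:
    """Assumed web-app scanner CSV: url,check,title,risk."""
    for row in csv.DictReader(io.StringIO(text)):
        yield Finding("web-scanner", row["url"], row["check"],
                      row["title"], normalize_severity(row["risk"]))

def parse_manual(text: str) -> Iterable[Finding]:
    """Manually entered items (pen test report, admin-tool review) as JSON lines."""
    for line in text.splitlines():
        if line.strip():
            d = json.loads(line)
            yield Finding(d["source"], d["asset"], d["id"], d["title"],
                          normalize_severity(d["severity"]))

PARSERS: Dict[str, Callable[[str], Iterable[Finding]]] = {
    "host-scanner": parse_host_scanner, "web-scanner": parse_web_scanner, "manual": parse_manual,
}

def build_register(exports: Dict[str, str]) -> Dict[str, Finding]:
    """Parse every export and merge on asset|vuln_id, keeping the highest severity
    seen and recording every source that reported the same issue."""
    register: Dict[str, Finding] = {}
    for name, text in exports.items():
        for f in PARSERS[name](text):
            key = f"{f.asset}|{f.vuln_id}"
            existing = register.get(key)
            if existing is None:
                f.sources = [f.source]
                register[key] = f
                continue
            if SEVERITY_RANK[f.severity] > SEVERITY_RANK[existing.severity]:
                existing.severity = f.severity
            if f.source not in existing.sources:
                existing.sources.append(f.source)
    return register

def apply_remediation(register: Dict[str, Finding], tracker: Dict[str, str]) -> None:
    """tracker maps asset|vuln_id to open / in_progress / fixed / risk_accepted."""
    allowed = {"open", "in_progress", "fixed", "risk_accepted"}
    for key, status in tracker.items():
        if status not in allowed:
            raise ValueError(f"bad status {status!r} for {key}")
        if key in register:
            register[key].status = status

def open_by_severity(register: Dict[str, Finding]) -> Dict[str, int]:
    """Count findings still needing work, per severity, for reporting."""
    counts = {s: 0 for s in SEVERITY_RANK}
    for f in register.values():
        if f.status in ("open", "in_progress"):
            counts[f.severity] += 1
    return counts

# Constructed sample exports (not real data).
HOST_CSV = "ip,qid,title,severity\n10.0.0.5,91234,Outdated OpenSSL,4\n10.0.0.7,91234,Outdated OpenSSL,3\n"
WEB_CSV = "url,check,title,risk\nhttps://intranet.example/login,WA-SQLI,SQL injection in login,High\n"
MANUAL_JSONL = (
    '{"source":"pentest","asset":"10.0.0.5","id":"QID-91234","title":"Outdated OpenSSL","severity":"Critical"}\n'
    '{"source":"admin-review","asset":"helpdesk-users","id":"MFA-MISSING","title":"No MFA on admin tool","severity":"high"}\n'
)
EXPORTS = {"host-scanner": HOST_CSV, "web-scanner": WEB_CSV, "manual": MANUAL_JSONL}

def demo() -> Dict[str, Finding]:
    reg = build_register(EXPORTS)
    apply_remediation(reg, {"10.0.0.7|QID-91234": "fixed"})  # patched last week
    return reg

if __name__ == "__main__":
    reg = demo()
    for key, f in sorted(reg.items()):
        print(f"{f.severity:8} {f.status:12} {key:40} {f.title} <- {','.join(f.sources)}")
    print(open_by_severity(reg))
```

The merge key is deliberately (asset, vulnerability id) rather than title, so a scanner hit and a pen tester's confirmation of the same issue collapse into one record whose severity is raised to the higher of the two. The remediation tracker is kept as its own mapping so that re-importing fresh exports never overwrites status you have already recorded; in practice that mapping would live in a small database or a version-controlled file rather than in the script.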

Samclarke80
Newcomer II

Hi Jeff, great thanks I will take a look. Sam
Samclarke80
Newcomer II

Hi Jeff,

Looks great!  Before getting this installed am I going to be able to add data from Manage Engine Desktop Central, Qualys Web Application Scanner and Qualys VM scanner data and add manual info from a pen test report?  Even if I can only add info from Qualys and manually enter vulnerabilities that is going to be a great help.

Thanks

Sam

JeffOdegard
Viewer

We don't have parsers for those products yet, but if you email me, we can discuss getting some sample data and building some parsers for you. It doesn't take long. - Jeff jeff.odegard@cyberperspectives.com
Samclarke80
Newcomer II

Hi Jeff,

Fantastic.  Ok I will go ahead and ask the IT guys to install and configure as per your video next week.  Will email you now.

Thanks

Sam