Solutions for Remediation and Enforcement - SCAP Validated

Our solutions for remediation and enforcement are unique in that they complement our audit, policy, and vulnerability management capabilities, enabling a closed loop approach for compliance within a single platform.

Our security engineers develop, test and validate, then publish XML content that describes the remediation and enforcement actions, providing a validated source of actions without the customer needing to resort to developing error prone scripts.  Since many vulnerabilities and threats need to be mitigated before there is a patch available, our security engineers develop and provide pre-tested configuration based remediations in addition to patch based remediations.

This enables the use of one of the few methods that can minimize the vulnerability window for hosts and applications during the pre-patch vulnerability window.  For example, when the Windows Preview Pane vulnerability was announced, Microsoft had not yet released a patch to countermeasure against the vulnerability, yet the C5 Security Labs immediate developed a remediation that mitigated the vulnerability exploit and closing the vulnerability window.

The underlying C5 Compliance Platform supports policy enforcement actions that leverage the remediation infrastructure, and we provide policy templates with enforcement actions for a customers use as well.  Actions that may be taken include actions such as:

• Security patch installation or removal
• Configuration modification or rollback
• Start or stop services
• Modification of account privileges
• File management
• System reboots scheduled or immediate

Audit.  Evaluate.  Comply.
It really is that simple.