Vulnerability Manager: Summary of the Tech Preview Release

Over the past week or so I’ve put up a number of posts with additional information about the Vulnerability Manager, how its internals are structured as well as future plans.  This post consolidates all of that information into a single reference with links to the blog posts and the specific related pages on the Vulnerability Manager website.

Topic Area

Main Web Page

Blog Post

Application Portfolio Management

Portfolio Management

Portfolio Management

Vulnerability Import and Consolidation

Import and Consolidation

Import and Consolidation

Automatic Virtual Patch Generation

Virtual Patch Generation

Virtual Patch Generation

Attack Tracking

Attack Tracking

Attack Tracking

Converting Security Vulnerabilities to Software Defects

Defect Tracker Integration

Defect Tracker Integration

Team Maturity Evaluation

Maturity Evaluation

Maturity Evaluation

I spent most of the week at RSA and had a lot of great conversations with customers and product vendors about the current state of Vulnerability Manager, our plans for the future as well as opportunities for new features and new integrations.  People tend to agree that for the application and software security industry to mature we need to move beyond a focus on finding vulnerabilities to a more holistic view of the process of creating and maintaining secure software.  Also, having open, standards-based tools available for software security teams will help more organizations get started addressing application security issues.

Please feel free to suggest features or improvements and contact us if you would like help standing up a software security team.

–Dan

dan _at_ denimgroup.com

@danielcornell

Posted via email from Denim Group’s Posterous

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *