BMC has introduced BMC SecOps Response Service, a cloud-based solution that eliminates security risks and reduces companies’ overall attack surface across multi-cloud environments, including AWS and Microsoft Azure. When coupled with endpoint management tools, including Microsoft System Centre Configuration Manager (SCCM) and BMC BladeLogic Server Automation, organisations can rapidly prioritise and remediate. According to IDC, more than half of all enterprise IT workloads will live in the cloud within the next year. As organisations accelerate their cloud adoption strategies, many sacrifice security for the sake of speed. Traditional tools used to manage the data centre are not built for the cloud, and cloud security operations tools often require manual inputs that lead to delays and inconsistencies.
Delivering on BMC’s promise to offer customers multi-cloud management solutions to fit their needs and environment, SecOps Response Service solution offers teams the ability to quickly enforce security policies and manage multiple cloud environments and on-premise systems, including data centres from one tool.
The SecOps Response Service solution:
· Enables security and operations teams to operationalise their vulnerability management strategies for faster remediation and reduced risk with policies that are flexible and scalable;
· Provides visibility into planned actions, predictive service level agreements (SLAs), and burndown views, thus enabling them to more actively control the security levels of an organization;
· Prioritises vulnerabilities based on policy, SLAs, severity, and impact.
“Online Business Systems has built our Security Integration Framework on BMC technology, and we believe that the new BMC SecOps Response Service will fill a critical gap in the market and will be a game-changer in the Security Operations space,” said Jon Fraser, Managing Director, North America, Online Business Systems. “As environments become more complex with the advent of hybrid infrastructure, there has been a significant gap in SecOps tools available to solve this challenge– until now.”
“When operations receives vulnerability data from the security team, it lacks the context necessary in order to prioritise and take action,” said David Cramer, vice president and general manager of security operations at BMC. “SecOps Response Service helps answer critical questions such as, which applications are dependent on those systems? Do we have a patch to address the vulnerability and has the patch been tested? When is the next available maintenance window that we can use to remediate this issue? A cloud service like SecOps Response Service facilitates increased coordination and collaboration between the teams. By providing prescriptive and actionable data, IT operations and security teams can prioritise and remediate security threats and vulnerabilities based on the potential impact to the business.”
According to Gartner, the cybersecurity community harbours the irrational fear that most attacks will target zero-day vulnerabilities or previously undiscovered weaknesses. In fact, most malware is designed to attack vulnerabilities that IT professionals have already identified. Additionally, 99.99% of exploits are based on vulnerabilities that have already been known to security and IT professionals for at least one year.
The SecOps Response Service solution addresses this by natively integrating operations with vulnerability scan data from Rapid7, Tenable, and Qualys, providing automatic enterprise-grade remediation.
As companies look to enhance their Security Operations capabilities, BMC offers professional and education services to complement SecOps Response Service. These include subscription-based 24/7 access to online training to accelerate adoption of the solution, consulting for process and operational change management, a three-month Day 2 Operations service to help organisations optimise their use of the solution post go-live, and an Application Managed Service where BMC staff manage the solution on the client’s behalf.