OWASP Vulnerability Management Center: Scalable, Open Source and Free Vulnerability Management Platform

OWASP Vulnerability Management Center

VMC (OWASP Vulnerability Management Center) is a platform designed to make vulnerability governance easier for any security specialists and SOC teams within their organisations. VMC is a great partner in any vulnerability management process, allowing automation and making your life easier. You can integrate VMC with vulnerability scanners and platforms like TheHive. Additionally, VMC takes care of asset management integrating with Ralph, whole vulnerability reporting, and dashboards (Kibana) for a clear overview. VMC allows you to focus on the most important vulnerability issues within your environment.

The tool integrates with infrastructure elements such as: a vulnerability scanner, publicly available knowledge bases on published vulnerabilities, IT resource inventory systems and reporting systems. Thanks to the wide possibilities of data normalization and the transparency of the interface, it presents information on threats in an accessible way and alerts about deviations from the norm and anomalies. The main innovation factor of VMC is the organization’s vulnerability analysis, as opposed to the common vulnerability assessment approach without specifying environmental conditions. Thanks to the assessment calculated by the VMC, the cybersecurity team can focus on the most vulnerable elements of the infrastructure in its work, prioritizing repair processes based on the recommendations provided by the tool. In addition, presenting the current state of the infrastructure is possible at any time, in an accessible, user-adapted manner.

The architecture of the solution makes it possible to run it in any environment depending on the demand. It can be a public cloud, a private cloud, a physical server, or a virtual machine.

Install & Use

Copyright 2020 DSecure.me