 |
|
|
|
In order to conduct the threat analysis, RedSeal SRM brings together
information about network access and server security posture and compares that
against a known database of threats called the RedSeal Threat Reference Library (TRL). This
RedSeal SRM internal library contains detail on thousands of known threats and
vulnerabilities which is gathered from publicly available sources like, but not
limited to, the National Institute of Standards and Technology and the CERT
Coordination Center as well as RedSeal driven research. Threat information
includes a detailed description, the Common Vulnerability Scoring System Score
(CVSS), patch availability as well as detailed technical information on whether
and how the exploit can be leveraged with other vulnerabilities or applications
to create a more complicated or blended threat.
RedSeal's detailed analysis of threat traversal references the information in
the library to determine how the exploit might propagate deeply into the
network and identifies the path taken and which assets are at risk as a result.
A dedicated development team conducts continuous research and provides TRL
updates weekly. These may be downloaded through the RedSeal
Support center.
|
