Tufin released the Vulnerability-Based Change Automation App (VCA). The new app expands Tufin’s vulnerability management capabilities with automated vulnerability checks prior to approving network access changes.
When combined with the Vulnerability Mitigation App (VMA), Tufin delivers a vulnerability management solution that allows customers to maintain additional control over their attack surface when making network changes.
One of the challenges network teams face when setting a new security rule or enabling connectivity is ensuring that access is not being granted to vulnerable servers.
The VCA addresses this problem by automatically retrieving data from an organization’s vulnerability scanner and reflecting the results in the risk assessment step of an access request workflow.
Customers can ensure there are no risky vulnerabilities in the source or destination of a change ticket before provisioning new network access.
The VCA pairs well with the Tufin VMA, which enables organizations to prioritize remediation efforts and automatically apply mitigating controls by limiting access to assets with vulnerabilities.
By combining the capabilities of VCA and VMA, customers have the context to identify and address vulnerabilities that pose the greatest threat to critical business assets and mitigate or remove existing access as required.
The Vulnerability-Based Change Automation App delivers the following benefits:
- Improves security posture by preventing connectivity to or from risky assets
- Ensures there are no vulnerabilities within source or destination assets before provisioning new network access
- Validates consistent risk assessments during network changes with associated documentation and audit trails
- Increases efficiency of both network and security teams through the automation of security controls
“The release of the VCA strengthens Tufin’s leadership in the market by extending our network security policy management capabilities into vulnerability management,” said Ofer Or, Vice President of Products at Tufin.
“With the app, users can incorporate risk assessment into the decision making around security policy, increase the speed for network change implementation, and enable the business without compromising security.”
VCA provides out-of-the box integrations with leading vulnerability management providers including Qualys, Rapid7, and Tenable.