Implementing Vulnerability Assessment with eEyes EVA Suite

Vulnerability assessment is an important part of any Defense in Depth implementation. I discovered that in my company vulnerability assessment was not being used to its full advantage inside the perimeter. My team was continually fighting the same battles against unpatched and vulnerable systems as they would acquire various viruses from the network. The product that I was using to evaluate our environment did not allow us to schedule scans, and I could not afford a license that would allow us to scan our entire IP range. It was decided that we needed a true enterprise solution that would allow me to evaluate our entire environment on a regularly scheduled basis. After looking at several vulnerability assessment products I finally found one product that met all of our needs, and was affordable enough to fit into our budget. Once I tested and rolled the product out to production I was able to schedule scans of our many different environments, and gather much needed information about the computers in those environments. This allowed me to have a better picture of how vulnerable we were as a company to viruses and other malicious activity. A process was put in place to schedule scans with audit policies that I had tailored to our environment.