Security » McAfee » Vulnerability Management

Vulnerability Management

McAfee Vulnerability Manager
Identify risk exposures and policy violations. Prioritize resources. Reduce risk.

Which threats and vulnerabilities require your attention? Which policies have been violated? Quickly and accurately find and prioritize vulnerabilities and violations on your networked systems with McAfee Vulnerability Manager.

Network vulnerabilities and threats pose serious risks to all businesses. Compound that with compliance and policy requirements plus the rigorous demands of audits, and you're bound to lose sleep at night. Put risk and compliance concerns to bed with McAfee Vulnerability Manager. Its priority-based approach combines vulnerability, asset data, and countermeasures to help you make more informed decisions. It uses threat intelligence and correlation data to determine how emerging threats and vulnerabilities on networked systems affect your risk profile, so that you deploy resources where they’re needed most. Improve operational efficiency and security protection while meeting tough mandates outlined in SOX, FISMA, HIPAA, and PCI DSS.

Vulnerability Manager is available as software or a secure, hardened appliance. Both increase the efficiency of your existing resources, resulting in a low cost of ownership.


Get the jump on business-critical threats.Defend and manage threats quickly, and remediate the most critical vulnerabilities first; incorporate countermeasures into your overall risk posture; respond when and where it matters most; and avoid unnecessary patches during a crisis.

Manage your resources more efficiently.Make your IT staff more effective by consolidating and automating your manual processes via a solution combining asset prioritization, threat correlation, vulnerability and policy assessment, security intelligence, and problem resolution.

Get enterprise-class protection. Scale up quickly and easily to protect any size network, including some of the premier enterprises and government agencies worldwide; flexible deployment options include appliance, software only (including virtualization support), or subscription services.

Create the reports you need.Generate customizable reports for any audience-from compliance officers to security analysts; obtain relevant and accurate data for policy audits, formatted for your purposes at either a high or detailed level.

Focus on the most relevant security alerts.Integrate with McAfee Network Security Manager to reduce the volume of alerts down to only critical threats; reduce the amount of time it would normally take to analyze and respond to attacks.

Do more in less time with greater accuracy.Accurately identify operating systems via high speed scans so you don't waste time and resources responding to false positives; create policy baseline templates from gold standard systems to eliminate the time spent developing and assigning values.

Get a true picture of your risk and policy compliance posture. Correlate new threats with existing asset and vulnerability data, and quantify risk levels; conduct agent-less policy compliance auditing without additional software or management consoles.


Priority-based, countermeasure-aware solution.

Address significant vulnerabilities with a priority-based approach; import buffer overflow protection data from McAfee ePolicy Orchestrator® (ePO™) to reduce unnecessary patches; integrate with other McAfee products to fix policy violations, calculate risks, and prevent infractions.

Broad content checks.

Receive updated vulnerability coverage 24/7 from McAfee Avert® Labs; authenticated checks help you delve deeper into operating systems and networking devices to find vulnerabilities and policy violations; uncover unmanaged wireless access points on your network.

New threat identification and correlation.

Instantly see how emerging threats affect your current risk profile with Vulnerability Manager's Threat Correlation module: Threat Correlation ranks the risk potential of new threats by correlating events to your asset and vulnerability data.

Policy auditing and compliance assessments.

Capture, store, and report results of policy checks; with an easy-to-use wizard, define values of policy checks; accurately determine if you comply with leading regulations; you get specific templates for SOX, FISMA, HIPAA, PCI.

Flexible reporting.

Categorize data by asset or network; use a powerful set of filters to select and organize results in your reports; view the results of agent-less Microsoft Windows policy audits which include a compliance summary and details by host or policy.

Asset-based discovery, management, scanning, and reporting.

Classify assets using detailed, flexible criteria and filters; classify reports by business unit; remediate only important systems; include or exclude hosts based on OS and other properties; scan by business function, asset value, owner, or location.

Asset synchronization.

Configure multiple Lightweight Directory Access Protocol (LDAP) servers to import asset information, so that IT spends less time creating and grouping assets when running scans.