Strengths: High-powered vulnerability management for the large enterprise.
Weaknesses: Out of the range for smaller deployments.
Verdict: One of the more solid products we’ve seen, with good progress over the years.
The StillSecure VAM appliance is serious vulnerability management in a single device. This powerful appliance focuses on automating vulnerability assessment and auditing for large scale environments. Features of VAM include the ability to inventory assets, scan for vulnerabilities and manage the repair and remediation process. This product is designed to integrate directly with already running systems, such as trouble-ticketing, patch management, network management and other security related systems.
This product comes out of the box and seamlessly plugs into the environment. Initial setup only takes a few minutes, and from there discovery and scanning can begin. The VAM has a very well designed user interface that is simple and intuitive to navigate. It provides easy configuration of asset discovery and scan jobs.
VAM is a solid performer for the large scale environment. We found that one of the greatest strengths of this product was its ability to not only find and report vulnerabilities, but it also manages the vulnerability life cycle. With VAM, administrators can easily track systems and remediation of threats just by drilling down through various report screens. This product also has some supreme reporting capability, with many pre-defined report templates available.
This offering has to have my favorite documentation of all the products. The VAM comes with a large, black, three-ring binder filled to the brim with documentation. While this binder is big, clunky and almost requires its own shelf in a server room, it is well organized and very thorough. The good news is this guide includes all the necessary documentation for the whole product.
At about $10 per IP for a 2,500 to 5,000 user environment, the StillSecure VAM appliance is not a small investment. However, we do recognize that it is geared to manage these large environments and it does bring some high-end features to the table.