Thousands of network security vulnerabilities have been discovered and exploited every year. Network security status has been increasingly severe as the number of vulnerabilities is increasing together with various attack measures. It has been proved that 99% attack events utilize un-patched vulnerabilities. Only if users could discover these vulnerabilities of their network and prepare for precaution works before attackers take action, the losses of attacks can be effectively avoided.

Through providing proactive diagnosis of security vulnerabilities and giving professional protection suggestions, NSFOCUS RSAS as a reliable Vulnerability Management Expert to keep attackers away from enterprise’s cyber asset.

• Supported by professional NSFOCUS Security Research Team and integrated with leading technologies such as NSIP (NSFOCUS Intelligent Profile), NSFOCUS RSAS discover security vulnerabilities of the network and cyber asset automatically, efficiently and accurately.
• Based on the detailed vulnerability analysis of network assets, RSAS measures risks by adopting the risk assessment model and provides professional solutions.
• The Open Vulnerability Management (Open VM) platform provides powerful security solution by embedding the advanced vulnerability management workflow concept into the whole product implementation processes.

Open Vulnerability Management (Open VM) Workflow

• 'One-click' Intelligent Task Mode
  Through “One-click” intelligent task mode, one-click scanning, fast report and Intelligent profile technologies are utilized to ensure RSAS maximally meet client’s requirements of high efficiency and easy to use.
• Open VM Platform
  The Open Vulnerability Management (Open VM) platform divides the vulnerability management into five processes: vulnerability forecast, asset management, vulnerability analysis, vulnerability remediation and vulnerability audit. The platform accomplishes the open vulnerability management workflow; moreover, it supports multiple secondary development interfaces and interaction with the third party products.
• Efficient Scanning Engine
  NSFOCUS RSAS possesses the built-in efficient and intelligent NSSE (NSFOCUS Scanning Engine). By adopting the NSIP (NSFOCUS Intelligent Profile) technology, the intelligent open port service identification technology, the automatic rule dependency scanning technology , and combining with the special hardware platform and optimized operating system, RSAS achieves the best balance between the speed and scanning accuracy.
• Profound Vulnerability Database
  NSFOCUS maintains a large vulnerability database which has over 11,000 items. RSAS contains more than 2,400 vulnerability entries refined from the vulnerability database, which are intellectual achievements of the NSFOCUS Security Research Team. RSAS vulnerability database covers almost all remotely exploitable vulnerabilities involving popular operating systems, databases, network equipment and applications.
• Web Application Security
  RSAS takes the lead to initiating the vulnerability detection of Web application. It performs deep content analysis, and thus detects whether the target website contains SQL injection, credential disclosure vulnerability etc.
• Authoritative Risk Assessment Model
  Adopting the authoritative risk assessment model, RSAS carries out the asset risk assessment and vulnerability management from the three dimensions of asset, vulnerability and threat.
• Human-Oriented, Friendly Management Interface
  RSAS is easy to install, implement and maintain. RSAS could reflect overall network security status from multiple angles of view, which can make granular statistic and analysis of vulnerability distribution, compromise, TOP 10 vulnerability and host information. Meanwhile, it provides a practical report filtering function helping network administrators to acquire effective information and generate various reports based on different roles, content and format. Moreover, it provides detailed vulnerability descriptions and solutions, vulnerability indexes of internationally authoritative agencies (CVE and BUGTRAQ) and associated URLs of original vendors.