How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
Our primary use case is for vulnerability assessment of our internal network.
Our primary use case is compliance for our audits, for our customers. We were exposed in that we were not meeting contractual obligations. We are monitoring our infrastructure: servers, switches, storage, routers, SAN storage, operating systems, and applications to the extent that the tool is able to see into them. We use it to hit the high ones like Adobe or Microsoft Office and the like. Some of the more niche products that we use may not be in their inventory of vulnerabilities.
I use this solution to perform vulnerability assessments and then patch my systems using third-party tools. The vulnerability scan is pretty fast and once you give it the right access privileges on the target system, you get very clear and precise details of the vulnerabilities.
Vulnerability assessment and compliance auditing are our primary use cases. That includes baseline configuration scanning. We use it to protect everything in the enterprise environment: servers, workstations, pretty much all operating systems, networking gear. We are doing cloud and we are doing some IOT. We are not using their web application scanning tool.
I'm the one who scans and performs assessments on clinical and medical equipment in our environment. I manage the clinical endpoint devices: MRI systems, bedside monitoring, Alaris pumps, fusion pumps, CTUs, EEGs, EKGs, wireless defibrillators, and a lot of IP cameras that are part of operation room labs. My colleague handles all the regular enterprise IT, database servers, etc. From a scanning standpoint, I do everything from discovery scanning to full-credential auditing and anything and everything in between. That's just for the medical space in a 24/7 production medical environment. We're also using a bit of the Passive Vulnerability Scanner and, eventually, I want to get to using the agents, but we haven't gotten to that stage yet.
The primary use case is to perform vulnerability assessments across the entire network.
I primarily use this solution for vulnerability assessment on the assets that we have. This includes servers, network equipment, appliances, routers, firewalls, and switches.
Basically it reviews our threat landscape vulnerability. So, we just want to be sure that we check compliance in terms of our configuration and compliance to our policies. But, the key is to make sure that we are not exposed to non-vulnerabilities that can be exploited. So, it's more of just securing our threat landscape.
I use SecurityCenter currently to investigate daily network security events from reports I receive. Our network support team uses it to track, manage, and remediate system vulnerabilities. It works well for the latter, not so much for the former.