The VantagePoint platform consists of three components: lightweight agents, VantagePoint analysis servers and management portal. The agents that are deployed on the servers, are extremely lightweight since the analysis servers do all the “heavy-lifting” of security analysis and assessment. The service delivery model enables VantagePoint to be deployed in minutes via quick installation of agents and fast provisioning of the account on the management portal.
File Integrity Monitoring: Continuously monitor important configuration files for unauthorized or malicious changes to protect the integrity of your servers. VantagePoint will, by default, monitor and track the important configuration files in your infrastructure. It also enables you to easily specify additional files to monitor and allows you to set up alerts for unauthorized changes.
Logs Analysis: Aggregate, automatically analyze, index, and archive important log files in a centralized location. Our search interface allows you to perform advanced searching across all log files that are monitored across your infrastructure. VantagePoint ships out of the box with default analysis and saved search rules that allow you to detect and view suspicious events across your entire infrastructure. Saved search capabilities and custom alerting allow you to notified for any event in your infrastructure.
Threat Detection: We’ve built a threat intelligence feed so you don’t have to. Our feed contains over 100 proprietary and open source (OSINT) feeds with over 1.5 million indicators. VantagePoint leverages that threat intel to automatically and continuously inspects files and network payloads for suspicious or malicious activity, automatically alerting you to threats in your environment.
Vulnerability Management: VantagePoint performs daily vulnerability scans across all hosts to detect security risks. We assign our own criticality based on real security factors, like whether one or many public exploits are available, whether defensive techniques are available, CVSS score, and vulnerability type. These factors allow you to quick detect, triage, prioritize, and track vulnerabilities and remediation efforts.
Security Configuration Baselining: VantagePoint continuously assesses the security posture of each server against best practices and custom security baseline configuration policies. These policies leverage human readable Boolean-style queries to test all of your infrastructure to help you enforce security best practices and to report on and detect security risk and configuration drift. VantagePoint ships with a default best practices policy, but custom queries and policies can easily be developed using our policy writing user interface.
Unified Risk Scoring and Remediation Planning: Get one, single, trackable score of your security posture based on our proprietary scoring algorithm that takes into account all factors and functionality provided by VantagePoint. Along with the security score, receive prioritize guidance on remediation for security risks in your environment.