
BMC SecOps!!

 

Collaborating on what you are strong at and what you are not strong at is the new trendsetter, rather than acquiring something that would be a costly solution.

 

Two weeks back, i.e. on 5/5/2015, I had a wonderful session on BMC SecOps by Neil Karani, an old friend of mine since 2009, where we shared many ideas on BMC BladeLogic Server Automation and what other product vendors do in this field.

 

SecOps

I was aware of the collaboration between Qualys and BMC and was eager to know what's cooking in the story and whether it actually represents the clients' needs. To my surprise, it was really astonishing that almost everything the clients required was getting fulfilled.

 

Use case:

Clients always have a third-party security consultant who scans the servers and provides the CVE vulnerability results to the client on a YOY/quarterly basis. During this exercise they expect the results to be at a better level, but in many cases the results show high vulnerability.

 

    Operations team:

    The Operations team regularly patches the servers using BMC BladeLogic Server Automation, but they can be sure the patching is correct only when a third-party vulnerability check tool like Qualys scans the machines without any agents.

 

This is the problem the operations and engineering teams of the organization face. As a solution, they run both Qualys and BMC BladeLogic Server Automation within the organization to get both on the same page.

 

Challenges faced even after having Qualys and BMC Server Automation in the same Organization

1. Manual vulnerability check on the reports

2. Compare reports of both tools manually

3. Additional organization-specific vulnerabilities can't be checked from both tools in parallel

4. Single report for both tools

 

What has BMC done about this?

BMC has done a really fantastic job calling the APIs and has created a portal, SecOps, that addresses the issues faced in environments that have both Qualys and BMC Server Automation for checks and remediation.

 

1. Scan the Servers using Qualys and get the results of vulnerability

2. BMC uses Shavlik (VMware) metadata files to scan the servers for vulnerabilities, and Qualys uses its own metadata files to scan the machines

3. Here they have combined both into a single result: if Qualys reports a vulnerability and it is not present in Shavlik, the result shows "Package not present", and you can create a manual package for it. #JustAwesomeSolution

4. For whatever vulnerability is present on the system, you can just create the package and deploy it from the portal, which indirectly calls BMC Server Automation at the back end to create the patching job.

5. It gives a fantastic single and detailed report combining both BMC BladeLogic Server Automation and Qualys
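
The correlation described in steps 1 to 5, sketched as an added example (not BMC's or Qualys's code, and it calls neither product's API). The findings, patch catalog, installed-patch list, placeholder CVE ids and the "Patched, still detected" status are constructed assumptions; only "Package not present" comes from the post.

```python
from collections import defaultdict

# Constructed sample data (not real scanner or patch-catalog output).
SCAN_FINDINGS = [  # what an agentless scanner reports per host
    {"host": "web01", "cve": "CVE-XXXX-0001", "severity": 5},
    {"host": "web01", "cve": "CVE-XXXX-0002", "severity": 3},
    {"host": "db01", "cve": "CVE-XXXX-0001", "severity": 5},
    {"host": "db01", "cve": "CVE-XXXX-0003", "severity": 4},
]
PATCH_CATALOG = {  # CVE -> patch known to the patching tool's metadata
    "CVE-XXXX-0001": "PATCH-A",
    "CVE-XXXX-0002": "PATCH-B",
}
INSTALLED = {"web01": {"PATCH-B"}, "db01": set()}  # patches ops already deployed


def correlate(findings, catalog, installed):
    """Merge scanner findings with patch metadata into one row per finding."""
    rows = []
    for f in findings:
        patch = catalog.get(f["cve"])
        if patch is None:
            status = "Package not present"      # needs a manually built package
        elif patch in installed.get(f["host"], set()):
            status = "Patched, still detected"  # the two tools disagree: investigate
        else:
            status = "Patch available"
        rows.append({**f, "patch": patch, "status": status})
    # Highest severity first so the worst gaps are handled first
    return sorted(rows, key=lambda r: (-r["severity"], r["host"], r["cve"]))


def remediation_plan(rows):
    """Group deployable patches by host; list CVEs that need manual packages."""
    deploy, manual = defaultdict(set), set()
    for r in rows:
        if r["status"] == "Patch available":
            deploy[r["host"]].add(r["patch"])
        elif r["status"] == "Package not present":
            manual.add(r["cve"])
    return {h: sorted(p) for h, p in deploy.items()}, sorted(manual)


if __name__ == "__main__":
    report = correlate(SCAN_FINDINGS, PATCH_CATALOG, INSTALLED)
    for r in report:
        print(f'{r["host"]:6} {r["cve"]:14} sev={r["severity"]} {r["status"]}')
    print(remediation_plan(report))
```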

 

I believe that all the issues being faced by the Engineering and Operations teams of an organization are perfectly addressed in one portal: BMC SecOps.

 

Special thanks to Neil Karani, Akbar Aziz

 

 

#KeepRocking with new Ideas bmcbear Matthieu Laurenceau

 

http://www.bmc.com/blogs/closing-the-it-security-and-it-operations-secops-gap/

http://www.bmc.com/blogs/categories/secops-security-compliance/