Threat Management Features & Benefits

Track threats through a customizable early warning system to help prevent attacks before they affect your enterprise.

• Centralize and Structure Your Threat Database

  Archer Threat Management enables you to centralize threat data from your trusted sources in a searchable, standards-compliant database. Out of the box, the structure of the Threat Management solution provides a best-practice approach for capturing vulnerabilities, malicious code and patches. And because the solution is built on the highly flexible Archer SmartSuite Framework, your organization can customize the solution structure to accommodate your unique threat management processes. Archer provides a user-friendly web interface for adding and modifying data-collection fields, customizing workflow processes, automating alert notifications and tailoring the presentation of threat data.

• Bring in Threat Content

  Archer provides three methods for populating your customized threat database with information. First, you can research and enter your own threat content through Archer’s easy-to-use web interface. A second method is to subscribe to a leading commercial threat feed provider and utilize Archer’s integration capabilities to pull data into the Threat Management solution at a frequency you define. Archer Threat Management is pre-integrated with security intelligence feeds from VeriSign® iDefense®, Symantec™ DeepSight and Cisco® Security IntelliShield Alert Manager Service. The third option is to utilize the Archer Mail Monitor feature, which monitors an email account for threat advisories, automatically pulls that data into Archer and maps it to the appropriate fields.

• Analyze and Refine Threat Data

  Leveraging information housed in the Archer Threat Management solution, your team can analyze vulnerabilities and malicious code as they pertain to your organization’s critical technologies and processes. Archer enables you to filter out threats that have no impact on your business, preventing your security personnel from being overwhelmed with unnecessary advisories. For those threats with direct impact to your business, you can refine the CVSS score or risk rating and add company-specific instructions for addressing the threat. In addition, you can assign responsible parties for threat remediation.

• Alert Users to Emerging Threats

  Archer’s Notifications feature enables you to automatically notify responsible personnel so they can proactively address threats before your systems are compromised. These notifications can include details on the severity of the threat, the CVE ID, affected technologies and remediation instructions, and they can include links to the full threat and patch records, empowering users to take immediate action. Archer allows you to define notification filter criteria to require users to receive specific types of alerts, or you can allow end users to define their own filters to limit the number of emails they receive.

• Report on Threat Levels and Activities

  Through the powerful reporting capabilities of the Archer Threat Management solution, you can produce ad hoc reports to view threats by technology, severity, type and impact to your organization. You can also construct user-specific dashboards that provide real-time access to the latest vulnerabilities and malicious code, along with work queues for addressing threats. With a simple click of the mouse, you can view underlying data for a complete understanding of potential impacts to your business. This information is essential to determining action plans for the remediation of threats.

• Integrate Asset Data to Support Informed Decisions

  Integrating the Threat Management solution with Archer Asset Management provides you with a clear view of threats that impact your physical assets, applications and facilities. The Asset Management solution enables you to determine the criticality of technical assets based on the business processes, products and services they support. You can then prioritize the implementation of patches or workarounds based on the business criticality of an asset. This decision support helps you allocate resources effectively while protecting what is most important to your business.

• Validate Vulnerability Remediation

  When you integrate the Archer Threat and Asset Management solutions to perform asset-to-vulnerability correlation, you can take advantage of Archer’s capabilities for integration with vulnerability scanning devices and patch management solutions. Combining data from these sources with threat and asset data in Archer allows you to audit and validate that vulnerabilities have been properly addressed on an asset-by-asset basis to ensure your organization’s business continuity.