PragmaticDefence's managed vulnerability program identifies which vulnerabilities are exploitable and those which are not (this process is known as false positive reduction). False positive alerts can consume a large amount of time and effort for little or no benefit to the customer. PragmaticDefence's managed service demonstrates the path that an attacker could use to breach a network, quantifies risk to the system and allows for the timely supply of information to internal IT personnel to better defend their informational assets.

The benefits of this managed service to the customer are as follows:

• Up-to-date scan engine with new vulnerabilities and their associated exploits automatically added
• Expert analysis commensurate with the customer’s operating environment
• Flexible and customised scanning
• Remediation activities associated with vulnerabilities included
• PCI-DSS Compliance reporting option available
• Managed Vulnerability service conforms to requirement 11.2 and 11.3 of the PCI-DSS standard
• No software or hardware licenses to purchase and maintain
• Scans scheduled to cause minimum disruption to normal operating conditions