RSA, the security division of EMC, has unveiled RSA Vulnerability Risk Management (VRM), a new software solution designed to help organisations improve their overall security posture by analysing massive amounts of vulnerability scan data and helping to identify and prioritise the highest-risk vulnerabilities.

RSA VRM is engineered to leverage Big Data and advanced analytics to identify the most important vulnerabilities so they can be fixed quickly to limit risk and better prevent cyber attacks.

Combining asset business context, actionable threat intelligence, vulnerability assessment results and comprehensive workflows, RSA VRM helps proactively manage IT security risks and automates tasks to enable organisations to do more with fewer resources.

The powerful data collection and aggregations capabilities are designed to allow RSA VRM to gather data from standard repositories as well as vulnerability scanning vendors to help more efficiently and effectively address potential threats. Additional benefits include: Comprehensive catalogues for both technical and business data for each IT asset; Automation of manual tasks including workflow management, vulnerability lifecycle management and reports generation; Detailed reports on KPIs, ROI of programs, and overall IT security risk posture of an organisation.

As part of the RSA Archer GRC platform, RSA VRM helps connect vulnerability risk programmes with overall IT GRC work streams to enable better visibility into the overall security risk of the organisation and is a critical component to an organization’s overall Critical Incident Response strategy.

Chris Christiansen, programme VP, security products and services, IDC, said: "Vulnerability management tends to be a challenge many organizations have a hard time overcoming. Scanning the infrastructure for vulnerabilities provides a lot of information with very little context and understanding. By taking what is essentially a Big Data problem and turning it into the solution, security teams will be better armed to address their most pressing vulnerabilities".

James Ducharme, senior director of engineering, RSA, commented: "Organisations have tens of thousands of IT resources that are critical for the survival and growth of their business, but many of them have vulnerabilities that can lead to exploits and attacks. With limited visibility into the highest-risk vulnerabilities, security teams are faced with the impossible feat of trying to patch everything at once.

"Using a Big Data approach and combining vulnerability scan results, business context of assets and threat intelligence, RSA VRM is designed to provide vital information around which vulnerabilities need to be addresses and the priority of order – helping security teams make the most of current resources and mitigate cyber attacks."