IDENTIFY
TRACK
FIX
ClearFix is an end-to-end service that identifies your vulnerabilities, provides multiple methods to manage them, and fixes them, in a way that makes your life easier. ClearFix automates as much as possible, then reduces your manual overhead from the rest.
IDENTIFY
This first part is easy – we scan your external infrastructure, internal networks, cloud instances, and web applications, and report on any detected vulnerabilities.
Scans can be scheduled to run regularly or when required. Most “vulnerability management” providers stop here. We’re just getting started…
TRACK
ClearFix presents all vulnerabilities in a web portal which allows you to assign issues to those responsible for fixing them, see changes in your overall exposure over time, modify the severity, provide custom resolution guidance, and enrich with data on which vulnerabilities are being actively exploited.
Automated workflows and integration with your existing ticketing and collaboration platforms let you manage vulnerabilities just like any other task. Got penetration test results? Get the testers to put them directly into our platform. No more unwieldy reports. But we’re not finished…
FIX
This is what you really want vulnerability management for – to fix the problems that could lead to a compromise. ClearFix provides automated patching and config changes to address issues quickly, reducing the exposure window.
We don’t just patch the operating system, but also hundreds of third-party apps, with our coverage increasing constantly. We know that patching causes concerns for production environments, so we integrate with test environments and approval processes to minimise the impact from automation. We help you build a library of custom actions and integrate them directly into your DevOps workflows. No more generic resolution advice, instead we work with you to create tailored, specific guidance on addressing the root cause.
Reduce Operational Overhead
✓ Ongoing scanning for security issues
✓ Filter by criticality of vulnerability or asset, receive only those notifications that you need to see
✓ Tailored remediation advice
✓ Customised actions
✓ Automate patching and configuration changes
Address Security Flaws Without Worry
✓ Integrate with authorisation and approval processes
✓ Automatically test patches and changes in non-production environments
✓ Track vulnerabilities through existing ticketing and collaboration systems
✓ Patch hundreds of third party applications as well as the operating system.
Meet Compliance Requirements PCI DSS
✓ Install critical and high risk updates within one month of release
✓ Identify and manage security vulnerabilities in infrastructure and web applications
Cyber Essentials
✓ Install critical and high risk updates within 14 days of release
✓ Install updates for applications, including plugins such as Java, Adobe Reader, and .NET
ISO 27001
✓ Manage technical vulnerabilities
NIST Cybersecurity Framework
✓ A vulnerability management plan is developed and implemented
✓ Vulnerability scans are performed