Vulnerability information collection/management service “SIDfm”
About SIDfm
SIDfm is a vulnerability information collection and management service that allows you to identify the information your company needs from all the vulnerability information around the world, and see countermeasures and progress at a glance. It not only automatically collects vulnerability information, but also identifies the information your company needs from that information to reduce security risks. Additionally, by visualizing the impact of the vulnerability and how to deal with it, the number of man-hours required to collect vulnerability information can be significantly reduced.
| SIDfm service details | SIDfm |
|---|
Features of SIDfm
Automatic collection of vulnerability information
SIDfm automatically collects and updates vulnerability information from around the world, collected from over 900 types of vulnerability information databases, vendor sites, security sites, etc. Additionally, the number of vulnerability information accumulated exceeds 39,000.
● Comprehensive collection of vulnerability information from around the world
● Vulnerability information is updated frequently
● Vulnerability information is of high quality
Scrutiny and analysis of vulnerability information
The vulnerability information scrutiny and analysis function collected by SIDfm allows companies to efficiently identify information relevant to their company from among vulnerability information and prioritize countermeasures.
● Automatically identify vulnerability information related to your company
● Automatically assess the impact of vulnerabilities
● Automatically suggest how to deal with vulnerabilities
Vulnerability management
SIDfm's vulnerability response management function allows companies to constantly understand the status of vulnerability responses, allowing them to take appropriate responses depending on the situation. Additionally, by sharing the vulnerability response status with the team, it is possible to respond more efficiently.
● Visualize vulnerability response progress
● Check vulnerability response status in report
● Share vulnerability response status with team
“Two types” of SIDfm provided by Beyond
"SIDfm Group" automates vulnerability information collection
SIDfm collects and accumulates vulnerability information on OS, applications, and software products from all over the world. You can check information on the management screen, including patch information and countermeasure information such as workarounds, significantly reducing the amount of time spent collecting information. It holds an overwhelming amount of information, with over 900 types of information collected and over 39,000 accumulated security hole information.
"SIDfm VM" performs everything from vulnerability information collection to management
The agent (VM agent) automatically collects software configuration information every 24 hours. It is also possible to register user implemented software (OSS) detected by SIDfm VM's unique automatic detection function. We always match vulnerabilities using the latest software configuration information, and also support manual registration and bulk import using files.
Characteristics by type
| Characteristics by type | SIDfm Group | SIDfm VM |
| Purpose of use | Vulnerability information collection | Vulnerability management |
| Provision method | SaaS | On-premises or cloud installation |
| Number of available users (number of login IDs) |
5 ID (can be added optionally) |
No limit |
| management unit | Filtered software | host network equipment |
| Use of vulnerable content | ○ | ○ |
| Vulnerability expert support | ○ | ○ |
| Use of SRI indicators | - | ○ |
| Vulnerability management (automatic ticket issuance) |
- | ○ |
| Automation features | - | ○ |
| Secondary use of information | - | - |
