Vulnerability information collection/management service "SIDfm"
About SIDfm
SIDfm is a vulnerability information collection and management service that identifies the information your company needs from all vulnerability information available around the world, and allows you to see at a glance how to address the issue and its progress
Not only does it automatically collect vulnerability information, but it also identifies the information that is necessary for your company and reduces security risks.It also significantly reduces the amount of work required to collect vulnerability information by assessing the impact of the vulnerability and visualizing how to deal with it
Features of SIDfm
Automatic collection of vulnerability information
SIDfm automatically collects and updates vulnerability information from over 900 sources, including vulnerability databases, vendor sites, and security sites, and has accumulated over 39,000 vulnerability reports
● Comprehensive collection of vulnerability information from around the world
● Vulnerability information is updated frequently
● Vulnerability information is of high quality
Vulnerability information review and analysis
SIDfm's vulnerability information scanning and analysis functions allow companies to efficiently identify vulnerability information that is relevant to their company and prioritize the implementation of countermeasures
● Automatically identifies vulnerability information related to your company
● Automatically evaluates the impact of vulnerabilities
● Automatically presents countermeasures for vulnerabilities
Vulnerability management
SIDfm's vulnerability response management function allows companies to constantly monitor the status of vulnerability responses, enabling them to take appropriate action according to the situation. In addition, sharing the vulnerability response status with the team also enables efficient response
● Visualize the progress of vulnerability remediation
● Check the status of vulnerability remediation in reports
● Share the status of vulnerability remediation with your team
Beyond offers two types of SIDfm
"SIDfm IG" automates vulnerability information collection
SIDfm collects and stores vulnerability information for operating systems, applications, and software products from around the world. Patch information, workarounds, and other countermeasure information can all be viewed on the management screen, significantly reducing the amount of work required to gather information. Information is collected from over 900 types of vulnerabilities, and the number of accumulated security hole information items is over 46,000, making it an overwhelming amount of information
"SIDfm VM" handles everything from vulnerability information collection to management
The agent (VM Agent) automatically collects software configuration information every 24 hours. SIDfm VM's unique auto-detection function can also register user-implemented software (OSS). Vulnerabilities are always matched with the latest software configuration information, and manual registration and bulk import from a file are also supported
Characteristics by type
| Characteristics by type | SIDfm IG | SIDfm VM |
| Purpose of use | Vulnerability information collection | Vulnerability management |
| Provision method | SaaS | On-premise or cloud installation |
| Number of available users (number of login IDs) |
5 IDs (optional) |
No restrictions |
| Management Unit | Filtered software | Host network devices |
| Use of vulnerability content | ○ | ○ |
| Vulnerability expert support | ○ | ○ |
| Use of SRI indexes | - | ○ |
| Vulnerability management (automatic ticketing) |
- | ○ |
| Automation Features | - | ○ |
| Secondary use of information | - | - |
