DEVOPSdigest

BMC introduced BMC SecOps Response Service, a cloud-based solution that eliminates security risks and reduces companies' overall attack surface across multi-cloud environments, including AWS and Microsoft Azure.

When coupled with endpoint management tools, including Microsoft System Center Configuration Manager (SCCM) and BMC BladeLogic Server Automation, organizations can rapidly prioritize and remediate.

SecOps Response Service solution offers teams the ability to quickly enforce security policies and manage multiple cloud environments and on-premise systems, including data centers from one tool.

The SecOps Response Service solution:

- Enables security and operations teams to operationalize their vulnerability management strategies for faster remediation and reduced risk with policies that are flexible and scalable.

- Provides visibility into planned actions, predictive service level agreements (SLAs), and burndown views, thus enabling them to more actively control the security levels of an organization.

- Prioritizes vulnerabilities based on policy, SLAs, severity, and impact.

"When operations receives vulnerability data from the security team, it lacks the context necessary in order to prioritize and take action," said David Cramer, VP and GM of Security Operations at BMC. "SecOps Response Service helps answer critical questions such as, which applications are dependent on those systems? Do we have a patch to address the vulnerability and has the patch been tested? When is the next available maintenance window that we can use to remediate this issue? A cloud service like SecOps Response Service facilitates increased coordination and collaboration between the teams. By providing prescriptive and actionable data, IT operations and security teams can prioritize and remediate security threats and vulnerabilities based on the potential impact to the business."

The SecOps Response Service solution natively integrates operations with vulnerability scan data from Rapid7, Tenable, and Qualys, providing automatic enterprise-grade remediation.

As companies look to enhance their Security Operations capabilities, BMC offers professional and education services to complement SecOps Response Service. These include subscription-based 24/7 access to online training to accelerate adoption of the solution, consulting for process and operational change management, a three-month Day 2 Operations service to help organizations optimize their use of the solution post go-live, and an Application Managed Service where BMC staff manage the solution on the client's behalf.