The “Coverage: System Compliance Overview” analysis is an example of how data from different security sections can be effectively correlated to determine security levels. This analysis shows the percentage of computer systems that have a high vulnerability due to not being connected to update management, patch management or anti-virus software.
To discover non-covered systems, the existing collectors link the Active Directory (AD) and vulnerability scanner to the Security Lighthouse. The correlation of information from the Active Directory and vulnerability management with the data from the update, patch and anti-virus systems provides information about computers that have no anti-virus software and/or are not connected to patch management software. Individual computer systems that are deliberately not equipped with anti-virus or patch management software can be excluded from the analysis.
"Initially, it was more important for us to establish a uniform standard in the global environment at the locations from the outset, than work on maintaining specific limiting and threshold values. At the end of the day, a chain is only as strong as its weakest link. We now have a standard infrastructure in place across the group, which should make it possible to maintain security at a high level everywhere."
CSO of a company with 40,000 PCs at 70 locations worldwide.