SanerNow Advanced Vulnerability Management

Overview

SecPod’s SanerNow CyberHygiene Platform is an agent-based, cloud-hosted vulnerability management solution that helps IT teams to identify risks and exposures within their environments, with integrated remediation controls. The platform comprises six applications or modules: vulnerability management, patch management, compliance management, asset exposure, endpoint management, and endpoint query response.

In addition to providing security, SanerNow has a strong focus on usability. Each of the platform’s modules can be implemented standalone or integrated with the others for a unified approach to security that removes siloes and increases visibility. It also offers strong automation functionality to reduce IT teams’ manual workload, and a lightweight architecture to minimize strain on system resources.

Key Features

Patch Management

SanerNow’s Patch Management module supports workstations and cloud workloads, and Windows, Linux, and MacOS endpoints.

The Patch Management dashboard gives admins a visual overview of device and asset patch posture. Admins can then drill down into data on security-specific patches, or non-security patches such as bug fixes. They can also filter to view their most critical patches—i.e., those that could be exploited by a threat actor—which allows for more efficient remediation.

SanerNow supports patching for hundreds of third-party applications, and customers can request patching support for applications that aren’t already covered. This means admins can deploy patches without leaving the SanerNow management console to find them.

Admins can test patches on Test Devices by creating a Patch Task to ensure they’re working properly. Tests are run as soon as the agent comes live. Patches can then be scheduled to deploy automatically, with a roll-back option should a patch need to be removed.

Vulnerability Management

SanerNow offers agent-based scanning for vulnerabilities. The agent scan is very lightweight, and can be completed in around five minutes. Agents installed in the endpoints can also be configured to run network scans using existing infrastructure—this gives the business the ability to scan their network outside of just workstations, e.g., they can use it to scan for firewalls.

From the Vulnerability Management dashboard, admins can access a graphical overview of all vulnerabilities identified during scans, and drill down to view vulnerabilities at a device level. Admins can also view remediation recommendations, which can help improve incident response times.

SecPod also holds a SCAP content repository of their own security intelligence, which they feed as an OEM service to other cybersecurity vendors, including AlienVault, CloudPassage, and Amazon. This repository is updated daily and enables the SanerNow platform to identify new threats, as well as known malware.

Compliance Management

The Compliance Management module enables IT teams to align their device fleet with NIST 800-53, NIST 800-171, ISO, HIPAA, and PCI-DSS benchmarks, with out-of-the-box policy templates for these standards. Admins can also create custom compliance policies and assign them to agents. SecPod then identifies non-compliance with those policies (e.g., system misconfigurations) when it carries out network scans.

The Compliance Management dashboard visualizes rule and device compliance posture, including any deviations from compliance policies and suggested fixed for those deviations. This is a particularly useful module for organizations operating within the healthcare, finance, or local government and defense sectors.

Asset Exposure

SanerNow runs scans of all endpoints to obtain a continuous, real-time inventory of all hardware and software assets. From the Asset Exposure dashboard, admins can view their asset inventory, including software usage metrics. This is particularly useful for planning software purchases and managing licenses, as the visual inventory makes it easy to identify which assets aren’t being used. It’s also useful for identifying shadow IT and malicious assets; admins can use this information to whitelist approved applications and blacklist any unauthorized or known malicious apps.

The platform offers a number of out-of-the-box and customizable asset reports that are useful for auditing.

Endpoint Management

With the Endpoint Management module, admins can perform real-time health checks on their users’ devices to help mitigate the spread of viruses and malware.

Admins can also use health checks to identify devices that aren’t performing optimally and carry out remote system tune-ups. Scripts can be executed in Powershell, bat, or shell.

Using this module, SanerNow can be used to implement strong security controls like blocking malicious applications and devices, stopping unusual processes, managing firewall settings, and much more.

Continuous Posture Anomaly Management

The Continuous Posture Anomaly Management module provides holistic and deeper visibility to IT infrastructure, and helps you discover and eliminate anomalies. SanerNow CPAM uses machine learning, statistical analysis, and deviation computation methods to discover and eliminate the most obvious attack vectors in your IT.

Ease Of Use

Deployment

SanerNow is relatively easy to deploy. The platform runs on an agent-based scanning system, and admins must install the SanerNow agent on all covered devices. This is a straightforward process and, once complete, the platform starts scanning immediately for vulnerabilities.

SanerNow offers support for workstations and cloud workloads, as well as Linux, Mac OS, and Windows devices. The platform integrates with Active Directory for easy onboarding and permissioning.

Management

SanerNow’s management console is modern and highly intuitive. The visual dashboard are easy to navigate and make it easy to find specific data. The console also offers multi-tenant support for MSSPs and organizations with a main “parent” office and geographically distributed “child” offices. On the user management side, it’s easy to add new users and configure roles, permissions, and privileges.

Support

SecPod offers robust online documentation for each module of the SanerNow platform, including product guides, articles from their knowledge base, and FAQs.

Customers can request technical support via email or submit a form on the SecPod website.

Best Suited For

The SanerNow platform’s multi-tenant interface, powerful automation capabilities, and strong integrations between modules and with other third-party tools make this a suitable solution for larger enterprise and MSSPs looking to replace their existing disparate patch and vulnerability management tools with one unified solution.

However, its modular architecture and intuitive interface also make SanerNow well-suited to SMBs looking for a user-friendly patch or vulnerability management solution, which they can add more functionality to as they scale up.

Finally, the in-built support for HIPAA, PCI-DSS, SOX, and NIST compliance make SanerNow a strong solution for organizations that handle sensitive data such as PHI or financial information, and must comply with strict data protection regulations.

Final Verdict

SecPod’s SanerNow CyberHygiene Platform is a robust, yet lightweight vulnerability management solution. The platform offers lots of out-out-the-box functionality—including patch integrations, policy configurations, and reporting—as well as powerful automation when it comes to network scanning and patch deployment. This, alongside it highly graphical, intuitive interface, makes it easy to manage, even amongst less technical users and those with limited resource to dedicate to IT security.

While SanerNow offers accurate, well-tuned out-of-the-box functionality, it offers limited scope for customization, which may be a limitation for some businesses.

Despite this, SanerNow’s reliable vulnerability detection and remediation, compliance support, and multi-tenant interface also make it well-suited to most MSSPs, larger organizations with multiple offices and a diverse device fleet, and businesses in the healthcare, finance, government, and defense sectors that need to prove compliance with strict data protection standards.

We recommend that any business looking to replace disparate vulnerability and patch management tools with a single, unified platform, considering adding SanerNow to their shortlist.