
Vulnerability-Based Application Management (VBAM) Explained
PowerBroker for Windows contains a patented feature called Vulnerability-Based Application Management (VBAM). Unlike traditional vulnerability assessment solutions, or even job-based vulnerability assessment agents that perform a full assessment as a snapshot in time, PowerBroker for Windows VBAM operates in real time. Based on the Retina vulnerability database, PowerBroker for Windows monitors the applications a user executes at runtime and compares each application launch to the database. If the executable, dynamic link library or registry matches any known vulnerability as the application enters memory and interacts with the user and system, the vulnerability is flagged, an event is sent to the BeyondInsight management console, and automated actions are performed if deemed necessary. For example, if the application contains a critical vulnerability over 30 days old, and/or is in violation of PCI DSS 3.2 standards, it can:
- Block or deny the application’s execution
- Notify the end user of the risk with instructions
- Allow the program to execute with an alert to an admin to begin a new workflow for remediation
- Prompt for a secondary justification accepting the risk
