Citadel Hercules
Enterprise Vulnerability Management System
With thousands of vulnerabilities being reported every month, the need for a system that addresses the security risks facing IT Security and Operations departments has never been greater.
The Hercules system from Citadel enables IT administrators and operations departments to bring in-house Enterprise Vulnerability Management (EVM) solutions rather than out-sourcing them.
As businesses continue to rely on IT systems and exchange information with other IT networks, policy compliance becomes a necessity. There are various government mandates that make it compulsory for companies to comply with if they do business using I.T.
The Citadel Hercules Enterprise Vulnerability Management system not only assesses a network for vulnerabilities, but also offers administrators the choice to assess whether their network complies with government mandates such as Sarbanes-Oxley, and then provides resolutions to bring systems back into the selected policy compliance. Should systems fail to meet the security standards or government mandates, at your request Hercules will address those systems and carry out the necessary steps to bring them back inline. This can be done automatically or scheduled for a more convenient time.
 To download the Westminster Presentation (with audio commentary) on this product, please click here.
Note to Windows XP users: This is a compressed ZIP file. You will need to EXTRACT the entire contents of the file to a folder on your computer before you can play back this file. A PowerPoint viewer is included if you do not have Microsoft PowerPoint.
Compliance & Remediation 
- Hercules is the world premier in fully automated enterprise vulnerability management solutions. Compliance and remediation under one system for corporate computer networks is now possible through Hercules;
- Hercules addresses and deals with all five classes of vulnerability, bringing a network into full compliance with both corporate security policy and regulatory mandates – automatically;
- Hercules seamlessly integrates to any network and operates to an extremely high level of sophistication.
Hercules will facilitate compliance with security policies and government mandates such as:
- FISMA;
- HIPAA;
- GLBA;
- Gramm-Leach-Bliley;
- Sarbanes-Oxley;
- NSA;
- SANS Top 20;
- GISRA;
- PCI, SEC, FTC;
and many more…
US Department of Defence contracts Hercules to protect its Worldwide Computer Network
Five Classes of Vulnerability
 |
Software Defects (Missing Patches)
Buffer overruns, RPC-DCOM, SQL Injection .
Patches are automatically issued from the Citadel 25,000+ Patch library, and applied to software vulnerabilities and defects as required;
|
 |
Unnecessary Services
VNC, PC Anywhere, KaZaa, Telnet . . .
Unnecessary software such as peer 2 peer, Telnet & other compromising applications are shut down;
|
 |
Backdoors
Spyware (DownloadWare, GAIN, 180 Solutions), MyDoom.A, Backorifice, Subseven
Backdoor programs are removed;
|
 |
Mis-configurations
NetBIOS shares, Anonymous FTP r/w, hosts file.
Mis-configurations are rectified;
|
 |
Unsecured Accounts
Null Password, Default P/W, no P/W expiration…
Unsecured accounts are addressed and brought into line with corporate policy.
|
Hercules Operations Console
The Enterprise Vulnerability Management Cycle
 There are many vulnerability management solutions available, but patch management and vulnerability assessment is only one half of the Enterprise Vulnerability Management Cycle. Hercules provides businesses and large corporations the ability to effectively control security threats, whilst at the same time ensuring policy compliance and government mandates are enforced.
Hercules continues to assess and report on all clients to ensure that all known vulnerabilities are dealt with, and policies are keeping systems in compliance. This reduces the IT Operations' departments time required to deal with the ever increasing demand to effectively ensure systems entering and leaving the building are under the organisation's compliance.
As a result, Hercules will drastically reduce the need for staffing and increase efficiency in managing large organisations, even ones which span over entire WANs of the organisation.
Enterprise Vulnerability Management Process
Step 1 
|
Hercules creates an inventory of all assets within the computer network identifying devices requiring management, and the vulnerabilities associated with them. |
Step 2  |
Hercules executes a full vulnerability assessment so as to aid in prioritising vulnerability remediation versus operational goals.
|
Step 3 
|
Hercules automatically brings devices back in to compliance with corporate policy, through patching, or other vulnerability remediation such as the automatic execution of security configuration rectification, end point security solutions, through to remediation enforcement. |
Step 4  |
Hercules provides a detailed report, identifying the vulnerabilities that were present, and the remedial action that was taken to bring the network to full compliance with both corporate policy and regulatory mandates. |
Reports that are generated by Hercules demonstrate to external auditors how you are proactive against vulnerabilities to secure your network and protect customers’ confidential information.
Compatibility
Hercules can meet the needs of large, distributed organisations and will support multiple platforms such as Windows, Mac OS and major Unix and Linux operating systems.
Hercules is designed to work seamlessly with other leading Vulnerability Assessment scanners with interoperability:
- Harris STAT Scanner;
- ISS Scanners;
- Microsoft MBSA;
- Nessus;
- FoundStone;
- eEye Retina;
- nCircle;
- Qualys;
- Saint;
…and others.
Device vulnerabilities by class
Enterprise Vulnerability Management
Hercules spans organisational boundaries and provides a single view into managing enterprise vulnerabilities that closes gaps in security. The device reports and automates tedious, manual processes that plague IT Security and Operations departments today.
Geographical assessment of your network
The Citadel Hercules Guarantee
Hercules is the total solution for network vulnerability management. When you become a Hercules customer, you receive an iron clad guarantee.
- As soon as a critical vulnerability is discovered, within 24 hours you will receive a remedy from Citadel, the developers of Hercules. Non critical remedies will be received within 36 hours.
- If the remedy for the vulnerability does not arrive with you within the given time frame and your network subsequently gets infected through that vulnerability, then you will receive compensation, up to the value of the Hercules system.
- The iron clad guarantee is backed by AIG insurance.
You’re in good hands…
Hercules is in use with a wide variety of customers including:
To download the Westminster Presentation (with audio commentary) on this product, please click here.
Note to Windows XP users: This is a compressed ZIP file. You will need to EXTRACT the entire contents of the file to a folder on your computer before you can play back this file. A PowerPoint viewer is included if you do not have Microsoft PowerPoint.
To view this product as a PDF, please click here.
For more information - please click
here to contact us. |
|
|
