Platform
Security orchestration platform
Patrowl notifies you instantly of vulnerabilities on your assets, with customizable alerts and a weekly e-mail summary.
It also manages the cybersecurity of multiple structures with hierarchical organizations, and allows vulnerabilities to be corrected or forwarded via tickets to your IT team, compatible with ServiceNow, Jira, and GLPI.
Related functions
Cyber vulnerability alerts and notifications
Be alerted as soon as an asset presents a vulnerability. When Patrowl detects a new confirmed vulnerability on a pentested asset, you can customize alerts and integrate them into your messaging tools (e-mail, ticket, Slack, Teams...).
For potential vulnerabilities on non-pentested assets, you'll receive a notification of possible impact. In addition, a weekly summary of all vulnerabilities is sent to you by e-mail.
Managing your organization and sub-organizations
Are you in charge of cybersecurity for several organizations, or does your company have several subsidiaries?
Patrowl is a multi-tenant SaaS service, enabling you to create a parent organization and infinite hierarchical sub-organizations. Are you a large enterprise?
Patrowl is designed to meet your needs and those of your organization.
Connect to CybelAngel by creating a new configuration
This feature enables Patrowl to connect to CybelAngel, a digital threat detection and attack surface monitoring service.
Thanks to this integration, Patrowl can benefit from CybelAngel's capabilities to discover sensitive information or vulnerabilities potentially exploited outside the organization's infrastructure, such as data leaks on the Dark Web.
The creation of a configuration automates this integration and synchronizes alerts between the two systems.
SLA (Service Level Agreement): Monitoring remediation policies over a dynamic period
The SLA (Service Level Agreement) enables you to measure your organization's ability to remediate vulnerabilities within the timeframes defined by internal rules or compliance obligations. Here are typical timescales for remediation based on the severity of vulnerabilities:
Low: 90 days
Medium: 45 days
High: 15 days
Critical: 7 days
Info: Non-critical period, for information monitoring only.
These SLAs make it possible to monitor the IT team's performance in managing vulnerabilities, and to ensure that patches are applied in a timely manner to limit risks.
Risk Insights Policies
Risk Insights Policies in Patrowl enable you to create vulnerabilities “on the fly” based on current or future Risk Insights.
This means that, when a potential risk is identified, you can automatically create a policy that will generate vulnerabilities based on these insights.
It's a proactive approach to managing risks upstream, without waiting for the vulnerability to be discovered directly in a scan.
Auto tag policies
This feature lets you manage global automatic tagging rules on current and future assets.
Tagging is a method of classifying or categorizing assets and vulnerabilities according to predefined rules.
For example, you can configure Patrowl to automatically label certain types of assets or vulnerabilities according to their criticality, geographical location or other relevant criteria.
This makes it easier to organize and manage vulnerabilities in complex environments.
Questions about dashboard management and orchestration?
What's the difference between security automation and orchestration?
Security automation performs repetitive tasks without human intervention (such as threat response), while orchestration coordinates different tools and processes for a comprehensive, integrated response to security incidents.
Who can manage the dashboard and what access is possible?
Auditor: Read-only and access to all data Standard: Read and write, access to all functionalities except user management, sub-organization management, global parameters and integrations.
Admin: Tenant administration role with access to user management, sub-organization management, global parameters and integrations.
Is access to the Patrowl Dashboard restricted?
As Patrowl is a multi-tenant SaaS service, access is not restricted geographically. There is no option to filter by source IP or restrict access via a VPN.
How are vulnerability alerts managed?
You will be notified by e-mail of critical vulnerabilities.
A weekly summary of all vulnerabilities is sent by e-mail.
You'll have the option of customizing alerts and integrating them with instant messaging tools (including Slack and Teams), planned as part of our 2023 roadmap.
How does empowerment work when my organization has subsidiaries or several structures?
Multi-tenant
Patrowl is a multi-tenant solution integrating organizations. This enables a “primary” security team to manage several “secondary” sub-organizations, offering differentiated authorizations to subsidiaries or companies with access only to their own entity.
Assets can be distributed according to organization.
Is there a history of my activities?
Logging: Accessible to the client
Via the Patrowl dashboard, the customer can access the nominative history of :
Occurrences of the main categories of security checks
Changes in “weighted / unweighted” status
Ticket creation
Changes in vulnerability status
Asset creation or import
Last user login dates
Accessible on request:Patrowl records the majority of actions and changes carried out on the platform. These logs can be consulted on request, at reasonable intervals.
