Stop implementing controls as a reaction to the latest security threat.

TraceCSO recommends controls, identifies gaps and tracks your remediation efforts.


Vulnerability management plays an integral role in the TraceCSO platform. Not only does the included scanner facilitate the management of your organization’s internal and external vulnerabilities, it also powers many of the functional areas of the software. If you have an existing scanner, you can integrate results into TraceCSO and leverage the power of the platform's seamless workflow, ticketing, alerting, reporting and governance capabilities. 

  • Network scanning identifies vulnerabilities and configuration scanning automates the documentation of your organization’s technical compliance controls.
  • An integrated ticketing system allows you to centrally manage the distribution and tracking of IT policies and training.
  • A built-in wizard walks you through setup, allows you to search active scans or build a network repository of assets.
  • Three types of scans are available within TraceCSO: vulnerability, configuration and a combination of the two.
  • TraceCSO supports true authenticated scanning, automatically detecting control implementation, such as password policy and screensaver settings, and intelligently tracks results within the risk assessment and compliance reviews.
  • Configuration scans are designed to gather data for compliance and reporting, and allow you to quickly identify when a system is out of compliance. Powered by a global database of regulations and citations, results are automatically parsed and associated back to the organization’s compliance data and controls.
  • Scans can be performed on a single IP or any number of machines and do not need to run on a regular schedule. Instant scans are useful when implementing updates or new assets. They can be used to ensure new vulnerabilities are not introduced to the environment and confirm that systems remain in compliance.
  • Results from scans are integrated within other functional areas of the system – such as audit, to assist in the automatic attestation to the implementation of controls; compliance, to update regulatory compliance status; and risk, to update scoring based on the completion of scans.
  • Dashboards and reports are provided for every functional area of the software and integrated for holistic viewing. For example, within vulnerability management you can drill down and filter to see vulnerabilities over time, by department or node group.


Register for Your FREE 30-Day Trial