Easily import data from multiple vulnerability scanning platforms such as Qualys, Nessus, Nexpose and more
Quickly and effectively indentify which vulnerabilities to remediate by risk or by compliance
Merge allows you to easily track the lifecycle of each vulnerability to ensure validation and completion
Merge enables you to provide indepth, detailed audit trails for compliance reporting with ease
Merge.io analyzes continuous scan data to validate closed vulnerabilities are fully remedied. Vulnerabilities that still exist are automatically re-opened and assigned. This closed-loop validation process provides the detailed audit trail for each vulnerability to demonstrate compliance with PCI 11.2’s clean-scan requirements.
From the point of import into the Merge.io platform, every action that is performed on every vulnerability is recorded. From identification to closure, approval and even validation. Merge.io tracks every action, date, time and user.
Choose which vulnerabilities to remediate through the use of built in compliance profiles (such as PCI Compliance). Or customize your own risk profiles.
Configure your projects to require a project manager to approve vulnerabilities. This quality assurance step can ensure that the provided documentation and evidence meets internal standards