Internal Vulnerability Scanning

Hackers work tirelessly to find vulnerabilities in all types of hardware and software from PCs to printers to lights and HVAC. While misconfiguration and exceptions can also create vulnerabilities.

For organizations without Vulnerability Scanning these exploits often go unresolved and may used by hackers during a Cyber Attack.

In today’s hostile cyber world, regular Vulnerability Scanning has become a “must-have/must do” part of every cyber security plan.

Don’t ignore vulnerabilities, let us help you discover and remediate them.

Discovery of Vulnerabilities is on the rise.

There were 18325 new Vulnerabilities detected in 2020 alone.

(CVE Details)

Many new Vulnerabilities are high risk

57% of vulnerabilities were classified as being ‘critical’ or ‘high severity’

(Redscan)

Most Vulnerabilities don’t need users

68% of Vulnerabilities require no user interaction to exploit

(Redscan)

Detection

Scan Options

Exceptions

Notifications

Web Dashboard

Reporting

• Scans your network to detect known vulnerabilities

• Actionable information is provided for every discovered vulnerability, including:

  • A summary of the specific weakness associated with the vulnerability

  • All nodes affected by the vulnerability (when filtering by risk type)

  • Potential impact of a successful exploitation of the risk

  • Recommended solution

  • Additional information and insights about the particular vulnerability

  • How the vulnerability was detected

• Can be scheduled to run daily, weekly, monthly or quarterly

• Configure multiple schedules if needed

• Different scan types can be set for each schedule

  • Fast scan - low impact scan that checks all standard port ranges and excludes brute force log-in attempts.

  • Standard scan - Significantly expands ports scanned and includes brute force log-in attempts.

  • Comprehensive scan - Scans every single port on every device in the selected IP range, looking for vulnerabilities and attempted brute force log-ins.

Nothing is more disruptive to vulnerability management than the “noise” created by false positives — situations you are aware of and don’t need or want those specific notifications.

• Easy-to-use rules engine that ignores specific vulnerabilities

• Apply the rule to a specific OID or device or any combination

• Specify a start and stop date, if desired to “snooze” a vulnerability

• Once a scan is complete, the Vulnerability Scanner generates and sends an email alert to everyone on your notification list.

• Choose from a comprehensive alert with all the details of everything discovered, or a summary alert which is filtered by issue or device.

• You’ll also get notified in the event that the scan fails for any reason.

Single Endpoint security solution to support all your workstation and servers.

• View all scan results and drill into more detail in our web-based dashboard

• Filter by Issue, Device, or Date range.

• Search based on text in the vulnerability name.

• Easily identify the highest-risk issues.

• Vulnerability Scan Assessment Reports can be scheduled.  

• Reports can be emailed to you or any recipient

• Reports can be saved to your happier IT Report Vault as evidence of compliance to a wide range of IT security standards.

There is no limitation on the number of Data Collectors (scanners) you can use. If you have a number of remote branches, a large network, or a distributed network, you can have as many data collectors as necessary at no extra charge.

• 1x Data Collector required per organization

• 1x Data Collector recommended per location

  • Scan effectiveness can be impacted over VPN

• Data from all Collectors is merged in the console / reports

• Data Collector available as a Virtual Appliance (no charge) or as a physical appliance.

• Virtual Appliance Minimum Requirements

  • 2-core i5 or Xeon processor (4 cores recommended for larger sites)

  • 6GB RAM

  • 40GB of diskspace