The purpose of vulnerability scanning is to provide a baseline for detecting common vulnerabilities in your environment. Vulnerabilities, if exploited, could permit unauthorized access to your network, ranging from unnecessary access to malicious or damaging access. Such access could compromise your operational processes or private information and result in damages that could potentially cripple your business.
Though no amount of analysis is a guarantee of absolute safety, it just doesn’t make sense to leave the door open when there are tools and methodologies to make your environment significantly safer. One such tool is vulnerability scanning. ACT can perform a relatively non-invasive vulnerability scan of your public-facing networks and your internal networks, the results and remediation of which will help you to make significant strides toward protecting your business from compromise.
ACT will work with you to identify the range of public interfaces (IP addresses) that represent all of the possible entry points to your system from the outside world. We will then run a battery of tests to surface common vulnerabilities and provide you with both summary executive reporting and detailed reporting on the level of risk and the process for remediating each vulnerability found.
In much the same manner as the external scan, ACT will work with you to identify the range of IP addresses in use for your internal network. Beyond the documentation you provide, we will scan the full range of all possible IPs to determine whether any undocumented devices exist. The resulting reports will categorize the vulnerabilities found and will provide detailed steps for remediation. Typical results include such items as SNMP and FTP vulnerabilities, as well as validation of applied Microsoft security patches.
With these reports as a road map for remediation, you can decide to what degree you wish to proceed with fixing the vulnerabilities identified and reducing your exposure. Factors pertinent to that decision include asset value, level of risk and the expectation of compromise.
ACT uses the Qualys scanning product to perform vulnerability scans and produce the reports required for remediation. Qualys ranked high in the 2015 Gartner “Magic Quadrant” as a company to watch, a “Challenger” among Application Security Testing information security businesses. The Qualys product uses cloud-based technology, allowing us to remotely scan your external network at any mutually agreed-upon time. Internal scans are conducted by placing a mobile computer within your network. That computer is then able to see devices within your network and perform the scan, reporting the results back to the cloud-based servers for analysis. This methodology means that no agents are needed for your network devices and the scanner can run independently with no effect on your installed equipment.