Vulnerability Management
What Is Vulnerability Scanning?
If we imagine that your application or network device is a locked door, a vulnerability scan tries to identify all the known keyholes that exist on that door. The most crucial role for an IT security team involves comprehensive vulnerability management – assessing, mitigating, and reporting security weaknesses and cyber threats within the organisation’s portfolio of technical solutions.
Left undetected, vulnerabilities can theoretically be exploited to impact the confidentiality, integrity and/or availability of your corporate data or services.
Vulnerability scanning does not attempt to open the locks…that is what penetration testing does.
Introducing VIPER
VIPER is an acronym for Virtual Penetration Test and Report.
The VIPER solution is an innovative, automated and fully managed vulnerability scanning service.
The solution detects vulnerabilities within the network infrastructure and web applications on the day they are listed on the vulnerability database.
The solution allows you to scan what you want when you want and how you want. This includes daily scans against critical systems.
How Does VIPER Work?
VIPER uses multiple scripts to gather data, sorting and transforming it into information that can be easily understood and actioned.
VIPER deployment is simple, it can be deployed on-premise or hosted on our own servers at our secure head office location. If you prefer the cloud, then it can also be hosted in AWS.
How Does VIPER Detect Vulnerabilities?
The scope, the frequency and the report delivery mechanism are all agreed with you at the pre-implementation phase.
This means that VIPER runs at times determined by yourself, detecting services that are vulnerable, elements of web applications which are vulnerable and importantly, what the security implications are.
The scanning engines identify undocumented security vulnerabilities, SQL injections, vulnerabilities behind authentication, input sanitisation problems, SSL and encryption misconfigurations and many more types of vulnerability.
Once vulnerabilities are identified, they are then automatically cross checked for analysis and verification. False positives and false negatives are removed and the report is created and made available.
Once verified, the reports can be sent directly to the named individual via encrypted email or accessed through authenticating to a secure dashboard.
Once you access your report, it’s reassuring to know that you have the technical team of qualified testers available to support your remediation plans via our dedicated helpdesk.
Benefits Of Deploying VIPER
Innovative Functionality
VIPER is not only concerned with identifying vulnerabilities. It produces useful management information and tracks the time difference between a vulnerability being identified and a solution being applied.
Personalise, adapt and change the service in real-time. We call this the “Mean time to Resolution”.
Frequently Asked Questions
An automated vulnerability scanner can help form the foundation of a robust vulnerability management program. This is because using an automated vulnerability management solution is a proactive way to enable the identification and discovery of potential weaknesses.
Vulnerability scanning involves using applications that help teams create an inventory of all systems and devices connected to your organisation’s network.
A vulnerability scanner can also identify operating systems, patch levels, software versions, and other details relevant to security management for each inventory asset within scope.
Left undetected, vulnerabilities can theoretically be exploited to impact the Confidentiality, Integrity and/or Availability of your corporate data or services.
30-day evaluations are available.
Each evaluation takes about 30 minutes to deploy and the results start immediately.
If you’d like to find out more, please contact your account manager