YOUR COMPANY IS A TARGET
YOUR COMPANY IS A TARGET
VULNERABILITY MANAGEMENT
VULNERABILITY MANAGEMENT
Effective security mapping through precise discovery and mapping of all assets, systems, and applications on the network and beyond
You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box
Produce reports with credible information about your organization's security posture over time. Show and justify how IT security enables business continuity.
Vulnerability management is an opportunity to significantly lower the cost of security. It's less costly to deal with security before serious problems arise than it is to deal with it during a crisis or incident recovery. Additionally, leveraging Radar's cloud resources allows organizations to lower their expenses.
OUR SERVICE BENEFITS
OUR SERVICE BENEFITS
Redcuce risk and save time
secure teams, managed vulnerability provides supperior coverage and risk reducion, freesing your team up for more priority security initiatives.
Implement a successful program
Develop,tune, and optimize a holistic vulnerabilityZAQ
?} management program that's toilored to your business and risk tolerance
Accelerate progress toward your goals
Our mission is to accelerate your vulnerability management program no matter your current level. Consider us an extension of your team.
VULNERABILITY SCANNING & MANAGEMENT IN A SINGLE SOLUTION
VULNERABILITY SCANNING & MANAGEMENT IN A SINGLE SOLUTION
Security center dashboard
Keep on top of the current status of vulnerability and incidents, prepare standard and custom report on risk and compliance, and more
Internet Asset Discovery
Enumerate possible attack vectors with an internet and web threat assessment
Discovery scans
Map your surface with network and port scanning
vulnerability scans
Scan systems and web applications for publicly-known vulnerabilities
Vulnerability Management
manage vulnerability centrally with security alerts and forensics
PCI DSS Compliance
Ensure compliance with current and future regulations to reduce risk of data loss
FREQUENTLY ASKED QUESTIONS
FREQUENTLY ASKED QUESTIONS
- Usually, our scans take anything from 15 minutes to a few hours to complete. However, this can be influenced hugely by a number of different factors, and there are many reasons why scans may take much longer than that to complete. Here are the most common: Large number of targets The biggest factor in any scan is simply how many targets you've added. If one target can take up to a few hours, then hundreds of targets could potentially take hundreds of hours. It's not normally that bad, as we can run many checks in parallel, but as a general rule, the more targets, the longer it takes. High total number of ports & services For each discovered service, a number of checks need to be carried out by our scanners. So if you've entered targets with a total of hundreds or thousands of open ports running services exposed to the internet, then our scans will take longer to do all the checks they need to do. Intrusion prevention systems In some rare cases, intrusion prevention systems can aim to confuse scanners by making ports which are closed appear to be open, which for the same reason above can cause extended scan times. Some firewalls and modern edge routers even have IDS technology built-in, so it may be worth double-checking if your scan is taking a long time. We recommend whitelisting our scanners through any intrusion prevention systems, as these could hamper our efforts to detect open ports and services and slow down our overall scans. Very large websites Our web-application checks are some of the most time-consuming elements of our scans. As such, websites with a very large number of webpages that are linked to from the home page may cause scans to run for longer. Unusual configurations Some customers have unusual networking or server configurations that can lead to long-running scans. For example, in one case a reverse proxy was set up to serve a single website from a large number of non-standard ports. This caused our scanner to scan the same website thousands of times. If this is happening on your targets, we'll do our best to let you know about it! If you ever need to stop a scan, you can cancel scans on the scans page.
- We think this is why most vulnerability scanners go out of their way to tell you there's something wrong, or at least flood you with information about things they've noticed about your infrastructure, such as the fact there's a web server running, or what type of encryption it offers. This might look impressive, to begin with, but it doesn't help later on when you're flooded with information, and you're missing genuine security issues because there's too much noise. At XcellHost, we like to be a little different. If we don't think there's anything wrong with your security, we'll say so. Of course, where we see small opportunities for improvement, we'll mention them - but we don't throw purely "informational" issues at you which don't need any action, we know you're too busy for that. That doesn't mean you're losing out on anything important though, under the hood we use an enterprise-grade scanning engine, and if you haven't already, check out our article "What's the benefit of perimeter-specific results?" to see how we prioritize issues that most vulnerability scanners call "informational" that do actually matter in the context of your perimeter.
- If you're worried about our scanning bringing a system offline, or causing heavy traffic to a production system, rest assured that XcellHost's scanning engine is configured to be safe to use, even when scanning production systems. XcellHost's scanning engines are designed to be safe. This means that our checks confirm vulnerabilities in ways that cause no downtime, and do not cause unintentional damage. Some web vulnerabilities do require a thorough set of tests to confirm, and so you may see high traffic on websites you're scanning. However, modern and well-resourced web servers shouldn't have any trouble dealing with this volume. However, if you know you have significant resource constraints; or reasons why your system may not respond well to a peak in traffic, you may want to increase server resources or run a scan outside busy times. Certain types of denial of service (DoS) vulnerabilities, including distributed attacks (DDoS) are not part of XcellHost's vulnerability scanning offering. Checking for denial of service (DoS) vulnerabilities often involves sending overwhelming amounts of traffic to systems, and so XcellHost does not perform these types of checks.
- Penetration tests have long been an essential part of many organisation’s strategy to protect themselves from cyber attack. But the use of penetration testing alone can often leave such organisations defenceless for long periods of time. Performing annual penetration tests as a primary defence against attackers gained popularity in years gone by, for good reasons, and is still common in the cyber security industry today. And while this strategy is certainly better than doing nothing, it does have a fairly critical drawback — what happens between tests?
- It can be difficult to know if a vulnerability scanner is any good, especially if you're testing it against your own systems, which at this point in time, may not have any security problems! There is no doubt that manual penetration tests are an essential part of a robust security solution and an excellent first port of call. Performing annual or, in some cases even quarterly manual penetration tests as a primary defense against attackers is commonplace in the cyber security industry today. Though this strategy does have its merits, it lacks one critical element – continuous coverage. To answer the question on why continuous vulnerability scanning is essential, it helps to give some examples of situations that could occur: Perhaps a critical new vulnerability is discovered in software your business is using, during that long year between annual pen tests. Or a security misconfiguration gets introduced by a junior developer. What if a network engineer opens up a port on a firewall exposing one of your databases to the internet? Whose job is it to notice these issues which, if left unchecked, could result in a data breach or compromise? Without automated monitoring of issues such as these, it's hard to argue that they'd be noticed and fixed before attackers get a chance to take advantage. Scanning for security issues on a regular basis helps to complement manual testing, as it provides businesses a good level of ongoing security coverage between manual tests, which are often performed only annually or before big releases. Our view is that automated continuous monitoring solutions should be the first port of call for companies starting out on their journey towards a robust security solution.