Turn-key Vulnerability Management

Similar documents
Turn-key Vulnerability Management

The Different Flavors of Greenbone s Technology

Chapter 5: Vulnerability Analysis

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

The Top 6 WAF Essentials to Achieve Application Security Efficacy

SONICWALL SECURITY HEALTH CHECK SERVICE

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

SONICWALL SECURITY HEALTH CHECK SERVICE

Security

Security in Bomgar Remote Support

SONICWALL SECURITY HEALTH CHECK PSO 2017

Security in the Privileged Remote Access Appliance

IBM Proventia Network Enterprise Scanner

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

Blueprint for PCI Compliance with Network Detective

TRACKVIA SECURITY OVERVIEW

Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats.

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

Security analysis and assessment of threats in European signalling systems?

Manchester Metropolitan University Information Security Strategy

Information Security Controls Policy

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Total Security Management PCI DSS Compliance Guide

Snort: The World s Most Widely Deployed IPS Technology

Merchant Certificate of Compliance

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

SECURITY & PRIVACY DOCUMENTATION

Projectplace: A Secure Project Collaboration Solution

HIPAA Compliance Assessment Module

A company built on security

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

IPM Secure Hardening Guidelines

University of Pittsburgh Security Assessment Questionnaire (v1.7)

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Juniper Vendor Security Requirements

CyberSecurity. Penetration Testing. Penetration Testing. Contact one of our specialists for more information CYBERSECURITY SERVICE DATASHEET

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

Comodo HackerGuardian. PCI Security Compliance The Facts. What PCI security means for your business

Foundstone 7.0 Patch 6 Release Notes

Total Protection for Compliance: Unified IT Policy Auditing

PCI Compliance. Network Scanning. Getting Started Guide

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

UCOP ITS Systemwide CISO Office Systemwide IT Policy. UC Event Logging Standard. Revision History. Date: By: Contact Information: Description:

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

SECURING YOUR BUSINESS INFRASTRUCTURE Today s Security Challenges & What You Can Do About Them

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Tenable SCAP Standards Declarations. June 4, 2015 (Revision 11)

Securing CS-MARS C H A P T E R

2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.

Lab Test Report DR110208B. McAfee Risk Management Solution. February 8, 2011

Standard for Security of Information Technology Resources

How-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018

Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions

This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process.

Cyber Security Audit & Roadmap Business Process and

Cloud Customer Architecture for Securing Workloads on Cloud Services

SONICWALL SECURITY HEALTH CHECK SERVICE

During security audits, over 15,000 vulnerability assessments are made, scanning the network IP by IP.

PROTECTING INFORMATION ASSETS NETWORK SECURITY

Training for the cyber professionals of tomorrow

External Supplier Control Obligations. Cyber Security

YOUR QUALITY PARTNER FOR SOFTWARE SOLUTIONS TMA SOLUTIONS

File Transfer and the GDPR

PCI DSS Compliance. White Paper Parallels Remote Application Server

Scan Report Executive Summary. Part 2. Component Compliance Summary Component (IP Address, domain, etc.):

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Watson Developer Cloud Security Overview

Security Assessment Checklist

Automated, Real-Time Risk Analysis & Remediation

IoT & SCADA Cyber Security Services

ORACLE MANAGED CLOUD SECURITY SERVICES - SERVICE DESCRIPTIONS. December 1, 2017

SoftLayer Security and Compliance:

Features. HDX WAN optimization. QoS

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Wireless Networking and PCI Compliance

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

Education Network Security

IBM services and technology solutions for supporting GDPR program

Imperva Incapsula Website Security

RiskSense Attack Surface Validation for Web Applications

Merchant Guide to PCI DSS

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

NETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY.

Changing face of endpoint security

CompTIA CAS-002. CompTIA Advanced Security Practitioner (CASP) Download Full Version :

User Interface. An Introductory Guide

Automating the Top 20 CIS Critical Security Controls

Industrial Defender ASM. for Automation Systems Management

Payment Card Industry (PCI) Executive Report 11/07/2017

IBM SmartCloud Notes Security

TRUE SECURITY-AS-A-SERVICE

ForeScout CounterACT. Assessment Engine. Configuration Guide. Version 1.0

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

epldt Web Builder Security March 2017

: Administration of Symantec Endpoint Protection 14 Exam

Security Operations & Analytics Services

Visibility: The Foundation of your Cybersecurity Infrastructure. Marlin McFate Federal CTO, Riverbed

Transcription:

Turn-key Vulnerability Management Security Manager The solution for IT security in your organisation Security issues: How many? Where are they? How can I correct them? Compliance: Has it been achieved or not? If not, what s the gap? Overview: What is the current state? Is it getting better or worse? Risk escalation: Who needs to be informed when and how?

Vulnerability Management Vulnerability Management is a vital element of your IT compliance: within IT security, technical security must be ensured by an ongoing management process, the aim of which is to protect the system from dangers and threats, avoid damage and minimise risks. Managing Directors and CIOs must ensure the complete protection of corporate data. In its simplest form, the continuing process consists of three steps: Assessment -> Measures -> Controls The security measures taken must be adapted continuously to changing basic conditions. It is best to prepare the necessary regulation and control measures using an automated, integrated system. Vulnerability Assessment The Security Manager (GSM) provides for Vulnerability Assessment. Our focus lies on preventive measures since, with regard to risks and costs, it is best to detect vulnerabilities before attackers manage to do so. The GSM is applied at the ideal point: security prevention. The GSM can be applied from different perspectives (combinations also possible): Externally: Attacker s external perspective Identification of poorly configured firewalls Detection of highly security-relevant errors Within the DMZ: What if the firewall fails? Identification of vulnerabilities within the security zone Within the network: Internal attacker s perspective or computer worm Detection of potential damage, classification according to risk Complete scope of detection can be used

Clearly structured front-ends give you full visibility of vulnerabilities in your network. The scan also identifies breaches of your corporate security policies or statutory regulations. The GSM is ideal for completing IT security with a permanent integration into the existing infrastructure. Auditors and solution providers who offer the solution to customers as a service, however, can also benefit from the GSM. The GSM offers maximum automation for the security process. Your threat scenario changes daily. To be able to react quickly to new vulnerabilities, Security Feed ensures test routines are up-to-date: based on CVE reports and information provided by Security Feed manufacturers, we create new certified tests every day. Over 53,000 test routines are currently active for heterogeneous IT networks (as of May 2017). The GSM automatically receives the Security Feed via the encrypted daily update process. Common Vulnerabilities and Exposures (CVE) is the manufacturer-independent industry standard for the explicit identification and description of vulnerabilities.

Measures: Vulnerabilities often emerge by pure misconfiguration. Classic examples are an administration password 12345678 or shared disks accidentally exposed to the internet. Vulnerability scans represent the first step towards detecting such problems. The technical IT department must also have the means to close, or at least defuse, the detected vulnerabilities. Security guidelines to help prevent misconfiguration likewise need to be mapped through an organisational process. Where to start; how big is the risk? Practical experience suggests starting where the operational risk is the greatest. The Common Vulnerability Scoring System (CVSS) is an industry standard to classify the severity and vulnerability of computer systems to prioritise the time and effort required to defuse them. The assessment is based on criteria such as security relevance, total damage to be expected or dissemination. Detection of vulnerability must be followed either by their removal (update, patch or reconfiguration) or by a reaction through other security mechanisms (IDS, firewall rules). IDS (Intrusion Detection Systems) and firewalls are often a quick remedy regarding vulnerabilities if no updates are available to close the security holes. But beware: The more exception rules firewall and IDS collect against known problems without identifying and closing the actual security holes, the greater the risk of damage and the higher the failure and removal costs once damage occurs.

Controls: The GSM enables the state of security; respective changes to it and security benchmarks to be documented. By transferring scan results to the management process, simple figures or traffic lights can be used to show whether vulnerabilities exist, whether they have since been addressed by IT administration or whether new vulnerabilities have been discovered within the ongoing vulnerability assessment. As part of the organisational process, it is possible to implement testing for compliance with security guidelines in test routines. The resulting automation of compliance testing substantially improves ease of work. These countermeasures must also be documented in this process to assess their technical effectiveness. This can be performed by a repeated vulnerability assessment scan or a detailed test with another software tool. Audit support: While in the past security audits could only be carried out sporadically, the GMS provides automatic reports updated daily or alarms. An example: IT-Baseline Security (BSI IT-Grundschutz): The GSM can carry out automatic tests on the IT-Baseline Security catalogues of the German Federal Office for Information Security (BSI). The latest supplementary delivery is supported by over 100 measures. This is the maximum number of measures that can be supported by automatic tests. Some measures are quite comprehensive, meaning that far more than 100 individual tests are conducted per target system. The GSM is then a rapid assistant when it comes to conducting IT-Grundschutz audits, enabling breaches to be tested automatically as a regular background process.

Product overview: The GSM is a dedicated Vulnerability Management security appliance. It integrates transparently into your vulnerability and threat management systems. With a choice of front-ends, security scans give you full visibility of vulnerabilities in your network. The scan also identifies potential breaches of your corporate security policy and of statutory regulations. Benefits Turn-key solution: operational within 10 minutes Powerful appliance operating system with special command line administration based on a comprehensive security design Integrated Security Feed with over 53,000 Network Vulnerability Tests, automatically updated daily Integrated Backup, Restore, Snapshot and Update Integrates Security Assistant as central web interface No limitation on number of target systems or IPs GSM subscription is a flat rate, and includes exchange of defective hardware as well as access to the Security Feed, feature updates and support

Features Supported standards: Network integration: SMTP (e-mail), SysLog, NTP, DHCP, IPv4/IPv6 Vulnerability detection: CVE, CPE, CVSS, OVAL Network scans: WMI, LDAP, HTTP, SMB, SSH, TCP, UDP,... Policies: IT-Grundschutz, PCI-DSS, 27001,27002 Application web-based interface (HTTPS): Scan tasks management with false-positive marking Multi-user support Report browsing aided by filtering, sorting and notes Report export as PDF or XML Appliance performance overview Application remote control: OpenVAS Management Protocol (OMP, SSL-secured) All user actions of web-based interface available Supported by desktop applications Automated via scriptable command line tools Administrative console interface (shell via SSHv2 / RS232): Network integration configuration Backup, Restore, Snapshot, Factory Reset, Update Includes approved and customised versions of: Scan Engine: OpenVAS Scanner, OpenVAS Manager OpenVAS Administrator and Security Assistant Additional scan tools: Nmap, w3af Additional connectors: w3af, PaloAlto, Fortinet, Cisco FireSight, Nagios, verinice, ArcSight, LogRhythm

Smartest Solution for the Market: The Security Manager s unique selling point is its independently verifiable security. Since the technical processes of the scan engine are available as open-source software, it can be audited by customers or state testing and certification bodies with regard to complete correctness and quality. Investment and benefits Our price is entirely independent of the number of scanned systems or the frequency or number of scans used. The daily update of test routines ( Security Feed) with the latest information about security holes is included in this flat-rate subscription. The basic investment includes the procurement of a GMS appliance, including Security Manager, and a one-year subscription with Security Feed and support. Via its value-added reseller, also offers customisation to specific IT environments, the preparation of testing schemes according to individual specifications and close integration into existing management frameworks. Benefits of Security Manager Subscription Subscription periods available for 1, 3 and 5 years: Security Feed (GSF): daily vulnerability tests E-mail and hotline support All feature updates free of charge Hardware guarantee RMA via distributor Your Security Solutions partner: Neumarkt 12 49074 Osnabrück Germany Fon: +49 (0)541 76 02 78-0 Fax: +49 (0)541 76 02 78-90 E-Mail: sales@greenbone.net Internet: www.greenbone.net

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback