VAS includes continuous and highly accurate internal and external vulnerability scans for a 360-degree view. Besides fast and efficient authenticated or non-authenticated vulnerability scans, open ports, the use of potential unsecure or unnecessary services on these ports as well as shares and non-secure shares are detected.
Furthermore compliance- and password-checks spot configuration problems with regard to applications as well as password and user-policies. Standard and missing passwords are detected. Outdated patch versions of installed software and services with registry and dll-checks on Windows systems are done.
State-of-the-art vulnerability scanning in combination with the analysis of the Intelligence Team delivers results with zero false-positives and full vulnerability coverage.
Safe scanning is ensured, thus any disturbance of the availability or integrity of information is avoided. Moreover scans do not interfere with daily operations or availability because of predefined scan plans. No training is required.
Overall more than 67,000 tests are carried out in the categories of OS, software and vulnerabilities using the largest database in the industry.
Vulnerabilities are categorized in high, medium or low risk as well as the possibility of exploitation to provide easy to understand overviews of the current vulnerability landscape and information ready to meet compliance requirements.
Technical details: The comprehensive scanning capabilities include
- Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Virtualization: VMware ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server
- Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
- Web applications: Web servers, web services, OWASP vulnerabilities
- Cloud: scanning of cloud applications and instances like Salesforce and AWS