9 Free Vulnerability Scanners + 1 Useful GPO Tool

Transcription

1 9 Free Vulnerability Scanners + 1 Useful GPO Tool Enjoy these tools to help automate the detection and remediation of vulnerabilities concerning NIST, PCI, HIPAA and many other federal regulatory requirements. So, you like to scan for security vulnerabilities right? Even though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself. That s why you should also have qualified people you can count on and a variety of tools to compare. Well beyond scanners, there s not likely to be a replacement for the human-factor concerns Web, Application and Network penetration testing or analysis in any foreseeable future, says Jonathan Goetsch, CEO of US ProTech. Therefore be sure to incorporate the use of a legitimate security services provider and tools that have been 3 rd party validated, preferably by NIST and division of the U.S. Department of Commerce. Otherwise, you may unknowingly fall victim or worse, end up on the headlines of television stations, newspapers and blogs. Here s some good news. vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, producing a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process. said Mr. Geier, who has also contributed to some findings. So, let s jump right into scanners. Though vulnerability scanners and security auditing tools can cost a fortune, there are free options as well. Some only look at specific vulnerabilities, but there are also those that offer broad IT security scanning. Here is the list - one (1) end-point scanner and seven (7) network scanners and you really must see: 1. US ProScan / Free real time End-Point vulnerability scanning Imagine scan any user, any endpoint, anywhere and at any time and know the security profile. Now you can! US ProTech, offers a free scan of any endpoint device using their Endpoint Vulnerability scanner. All you do is fill out a simple form and within minutes you ll know where employees are storing unprotected personal health information, credit card, social security and other data. This mobile security analysis provides visualization of the security landscape for Android, Apple ios smartphones and other tablets. The report is intended to provide meaningful metrics about vulnerabilities and threat vectors to organizations who allow BYOD and mobile workers. Benefits are nearly endless and exceeds PCI Compliance with data discovery of PAN data, HIPAA and Compliance with data discovery of PII data. Use this application for BYOD, Mobile Security and Endpoint Vulnerability Management with tools to locate, lock and wipe built-in. The free scanner is unlimited for single device assessments enterprise-wide solutions are also very affordable for just a few dollars per device. This offer can be found at

2 2. Qualys FreeScan Qualys FreeScan provides up to 10 free scans of URLs or IPs of Internet facing or local servers or machines. You initially access it via their web portal and then download their virtual machine software if running scans on your internal network. Qualys FreeScan supports a few different scan types; vulnerability checks for hidden malware, SSL issues, and other network-related vulnerabilities. OWASP is for auditing vulnerabilities of web applications. Patch Tuesday scans for and helps install missing software patches. SCAP checks computer settings compliance against the SCAP (Security Content Automation Protocol) benchmark provided by National Institute of Standards and Technology (NIST). Even though at first you just see an online tool that appears to do scanning via the Internet, if you enter a local IP or scan, it will prompt you to download a virtual scanner via a VMware or VirtualBox image. This allows you to do scanning of your local network. Once a scan is complete you can view interactive reports by threat or by patch. Since Qualys FreeScan only provides 10 free scans, it s not something you can use regularly. Consider using another solution for day-to-day use and periodically run Qualys FreeScan for a double-check US ProSecure / Free Trial includes trend analysis & remediation steps What s hot in security today? Answer: Military grade, US DOC validated security processes! Data breaches are the number one cause of identity theft (ref. JP Morgan Chase, Home Depot, Target, etc.). US ProSecure's data discovery scan (SCAP Approved) identifies security vulnerabilities in granular detail. This product will identify what systems, applications and devices at risk, simple, fast, and is affordable for desktops, servers and mobile devices. As leaders in the market, US ProTech is not the newest kid on the block in the vulnerability scanning arena. US ProSecure is already a standard for major businesses in five nations including the USA, Mexico, Canada, Germany and the United Kingdom. If your organization concerns itself with NIST, PCI, HIPAA or the like, this processes is validated by the U.S. Department of Commerce. Their scanning criteria exceed military standards and the High-Impact Baseline Standards of the US Department of Defense, the US Department of Energy, OWASP and many others including security thresholds under NIST r4. US ProTech s scanning and configuration auditing capabilities are also an approved SCAP solution, as an FDCC Scanner, Authenticated Configuration Scanner, Authenticated Vulnerability and Patch Scanner, and Unauthenticated Vulnerability Scanner; US ProSecure has been approved for use in support of risk management and compliance under FISMA and FedRAMP for its vulnerability scanning and CyberScope reporting capabilities. US ProTech offers a free trial of their US ProSecure external vulnerability assessment service on up to three external IP addresses. They will scan the external IP addresses 3 times over a 60 day window to produce a vulnerability assessment and trend analysis report over that period.

3 This offer can be found at 4. Core Insight & Impact Pro Core Insight consolidates, normalizes, and prioritizes vulnerability management initiatives enterprisewide. Consolidating multiple vulnerability scans across vendors, while matching known exploits and simulating attacks enables you to focus on the most vulnerable points of your network. Core Impact Pro is the most comprehensive multi-vector solution for assessing and testing security vulnerabilities throughout your organization. Leveraging commercial-grade exploits, users can take security testing to the next level when assessing and validating security vulnerabilities. This offer can be found at 5. Retina CS Community Retina CS Community provides vulnerability scanning and patching for Microsoft and common thirdparty applications, such as Adobe and Firefox, for up to 256 IPs free. Plus it supports vulnerabilities within mobile devices, web applications, virtualized applications, servers, and private clouds. It looks for network vulnerabilities, configuration issues, and missing patches. The Retina CS Community software essentially provides just the patching functionality. Retina Network Community is the software that provides the vulnerability scanning, which must be separately installed before the Retina CS Community software. Retina CS Community installs on Windows Server 2008 or later, requires the.net Framework 3.5 to be installed, IIS server enabled, and Microsoft SQL 2008 or later to be installed. Keep in mind, installation on Domain Controllers or Small Business Servers is not supported. Once the software is installed you re provided with a GUI program for Retina Network Community component and a web-based GUI for the Retina CS Community component. It supports different user profiles so you can align the assessment to your job function. To scan you can choose from a variety of scan and report templates and specify IP range to scan or use the smart selection function. You can provide any necessary credentials for scanned assets that require them and choose how you want the report delivered, including delivery or alerts. Retina CS Community is a great free offering by a commercial vendor, providing scanning and patching for up to 256 IPs free and supporting a variety of assets. However, some small businesses may find the system requirements too stringent, as it requires a Windows Server. This offer can be found at 6. Microsoft Baseline Security Analyzer (MBSA) Microsoft Baseline Security Analyzer (MBSA) can perform local or remote scans on Windows desktops and servers, identifying any missing service packs, security patches, and common security misconfigurations. The 2.3 release adds support for Windows 8.1, Windows 8, Windows Server 2012 R2, and Windows Server 2012, while also supporting previous versions down to Windows XP.

4 MBSA is relatively straightforward to understand and use. When you open it you can select a single Windows machine to scan by choosing a computer name from the list or specifying an IP address or when scanning multiple machines you can choose an entire domain or specify an IP address range. You can then choose what you want to scan for, including Windows, IIS and SQL administrative vulnerabilities, weak passwords, and Windows updates. Once the scan is complete you ll find a separate report for each Windows machine scanned with an overall security classification and categorized details of the results. For each item you can click a link to read details on what was scanned and how to correct it, if a vulnerability were found, and for some you can click to see more result details. The reports are automatically saved for future reference, but you can also print and/or copy the report to the clipboard. Although free and user-friendly, keep in mind that MBSA lacks scanning of advanced Windows settings, drivers, non-microsoft software, and network-specific vulnerabilities. Nevertheless, it s a great tool to help you find and minimize general security risks. This offer can be found at 7. Nexpose Community Edition Nexpose Community Edition can scan networks, operating systems, web applications, databases, and virtual environments. The Community Edition, however, limits you to scanning up to 32 IPs at a time. It s also limited to one-year of use until you must apply for a new license. They also offer a seven-day free trial of their commercial editions. Nexpose installs on Windows, Linux, or virtual machines and provides a web-based GUI. Through the web portal you can create sites to define the IPs or URLs you d like to scan, select the scanning preferences, scanning schedule, and provide any necessary credentials for scanned assets. Once a site is scanned you ll see a list of assets and vulnerabilities. You can see asset details including OS and software information and details on vulnerabilities and how to fix them. You can optionally set policies to define and track your desired compliance standards. You can also generate and export reports on a variety of aspects. Nexpose Community Edition is a solid full-featured vulnerability scanner that s easy to setup but the 32 IP limit may make it impractical for larger networks. This offer can be found at 8. SecureCheq SecureCheq can perform local scans on Windows desktops and servers, identifying various insecure advanced Windows settings like defined by CIS, ISO or COBIT standards. It concentrates on common configuration errors related to OS hardening, data protection, communication security, user account activity and audit logging. The free version, however, is limited to scanning less than two dozen settings, about a quarter of what the full version supports. SecureCheq is a simple tool. After scanning the PC you ll see a list of all the checked settings and a Passed or Failed result.

5 Click a setting and you ll find links to references about the vulnerability, summary of the vulnerability, and how to fix it. Though you can t save the results for later viewing in the application, you can print them or view/save the OVAL XML file. Although SecureCheq is easy-to-use and scans for advanced configuration settings, it actually misses some of the more general Windows vulnerabilities and network-based threats. However, it complements the Microsoft Baseline Security Analyzer (MBSA) well; scan for basic threats and then follow up with SecureCheq for advanced vulnerabilities. This offer can be found at 9. OpenVAS The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under the GNU General Public License (GNU GPL). The main component is available via several Linux packages or as a downloadable Virtual Appliance for testing/evaluation purposes. Though the scanner itself doesn t work on Windows machines, they offer clients for Windows. The main component of the OpenVAS is the security scanner, which only can run in Linux. It does the actual work of scanning and receives a feed updated daily of Network Vulnerability Tests (NVT), more than 33,000 in total. The OpenVAS Manager controls the scanner and provides the intelligence. The OpenVAS Administrator provides a command-line interface and can act as full service daemon, providing user management and feed management. There are a couple clients to serve as the GUI or CLI. The Greenbone Security Assistant (GSA) offers a web-based GUI. The Greenbone Security Desktop (GSD) is a Qt-based desktop client that runs on various OSs, including Linux and Windows. And the OpenVAS CLI offers a command-line interface. OpenVAS isn t the easiest and quickest scanner to install and use, but it s one of the most feature-rich, broad IT security scanners that you can find for free. It scans for thousands of vulnerabilities, supports concurrent scan tasks, and scheduled scans. It also offers note and false positive management of the scan results. However, it does require Linux at least for the main component. This offer can be found at Security Compliance Manager (SCM) New! Version 3.0 of the Security Compliance Manager (SCM) tool is now available for download! In addition to key features from the previous version, SCM 3.0 offers new baselines for Internet Explorer 10, Windows 8, and Windows Server SCM enables you to quickly configure and manage computers and your private cloud using Group Policy and Microsoft System Center Configuration Manager.

6 SCM 3.0 provides ready-to-deploy policies and DCM configuration packs based on Microsoft Security Guide recommendations and industry best practices, allowing you to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications. Key features in SCM 3.0 include: Support for Windows Server 2012, Windows 8, and Internet Explorer 10 product baselines: Secure your environment with new baselines for the latest software releases Gold master support: Import and take advantage of your existing Group Policy or create a snapshot of a reference machine to kick-start your project. Configure stand-alone machines: Deploy your configurations to non-domain joined computers using the new GPO Pack feature. Updated security guides: Take advantage of the deep security expertise and best practices in the updated security guides, and the attack surface reference workbooks to help reduce the security risks that you consider to be the most important. Comparisons against industry best practices: Analyze your configurations against prebuilt baselines for the latest Windows client and server operating systems. This offer can be found at For a comprehensive evaluation of the above tools, how they deploy, what your expectations should be and what the differences are among the tools, US ProTech is offering a complimentary consultation to assist you with selecting the appropriate set of tools to achieve your vulnerability assessment requirements. Call us today to schedule time with one of our security engineers; we look forward to connecting with you soon!