About SensePost

SensePost is an independent and objective organisation specialising in information security consulting, training, security assessment services and IT Vulnerability Management.

SensePost is about security. Specifically - information security. Even more specifically - measuring information security. We've made it our mission to develop a set of competencies and services that provide our customers with insight into the security posture of their information and information systems.

Why SensePost

Over more than a decade in service to the biggest and best organisations in the world, SensePost has built a reputation based on trust. Trust our integrity and objectivity, and trust that we will provide the highest available level of technical expertise.

Contact Us

Web: www.sensepost.com
Tel: +27 12 460 0880
Fax: +27 12 460 0885
Mail: info@sensepost.com

Introduction

Systematic Vulnerability Management for security and compliance is a key discipline for any mature modern organisation. With SensePost Managed Vulnerability Scanning (MVS) it is possible to identify and respond to weaknesses in systems and networks before they are discovered by hackers or malicious insiders.

SensePost Managed Vulnerability Scanning is a fully Managed Vulnerability Scanning service supported by SensePost and designed for the enterprise. Requiring no client software and accessible from any location via a powerful and easy-to-use web interface, MVS deploys a collection of specialised scanners to discover and analyse vulnerabilities across all the different components of a network.

Features and Benefits

- A fully managed service, requiring no installation, configuration, or maintenance.
  No in-house security skills or experience are required;
- Full business-hours support included, with additional support available on request;
- Provides a single complete and comprehensive view of the enterprise vulnerability posture from inside and outside, for both Vulnerability Management and Payment Card Industry (PCI) Compliance purposes;
- Personalised reports in the form of dashboards can be presented to specific groups and users according to their role in the Vulnerability Management process;
- A powerful drill-down feature allows for quick and easy access to very detailed security information or high-level management metrics;
- Besides standard Vulnerability Scanning of networks, hosts and devices, the service can detect security issues in Active Directory, DNS, databases, and Web Applications;
- Automatic tagging and inventory of hosts enables easy and automatic classification for searching and reporting into groups, according to function, location, sensitivity or other attributes; and
- Multiple report formats allow for easy integration and distribution of vulnerability and remediation information.

Multiple Vulnerability Scanners

SensePost's Managed Vulnerability Scanning service is comprised of the following types of scanning services:

- Internet Perimeter Vulnerability Scanning;
- Internal Vulnerability Scanning;
- Web Application Vulnerability Scanning;

SensePost (Pty) Ltd - www.sensepost.com
- PCI Approved Scanning Vendor (ASV) Vulnerability Scanning;
- Database Vulnerability Scanning; and
- Active Directory Vulnerability Scanning

All scanners are accessed, managed, and configured via a single, easy-to-use web interface. The required technology is available as Software as a Service (SaaS), a VMware image or as a hybrid deployment.

Powerful, Flexible Reports

Each user on the system has a unique dashboard customised for their role within the Vulnerability Management process. Dashboards can consist of any number of widgets, called 'Blizzards', which can easily be added or customised. Examples of standard Blizzards include:

Technical:
- Most critical hosts;
- Most vulnerable systems; and
- Newly discovered issues.

Management:
- General Trends;
- Number of new issues; and
- Number of existing issues not remediated.

PCI:
- Non-compliant hosts;
- Specific issues causing non-compliance; and
- PCI pass/fail status.

Web Application Vulnerabilities:
- Vulnerability Hot List;
- Hosts with dangerous SQL injection (SQLi) issues; and
- Hosts with dangerous Cross Site Scripting (XSS) issues.

Secure Sockets Layer (SSL) Certification Management:
- Lists of expiring or expired SSL certificates;
- Overview of Certificate Issuers; and
- Overview of Certificate Common Names.

Pre-configured templates allow for role-specific dashboards with the relevant widgets to be easily assigned to specific users.

Differentiators

- A fully Managed Service. No installation, configuration or maintenance required;
- Each client is assigned a Personal Support Engineer who is an experienced security analyst and penetration tester;
- Provides a comprehensive overview of enterprise vulnerability posture with specific dashboards for specific users and groups;
- Over 50 specialised report widgets are available to each user. New widgets, dashboards and tests can be seamlessly added;
- Highly configurable and customisable via your Personal Support Engineer to meet individual requirements; and
- Unlimited users. Unlimited scanning.
Services

SensePost offer the following types of Managed Vulnerability Scanning services:

Internet Perimeter Vulnerability Scanning
Continuous or on-demand vulnerability scanning of Internet-facing devices and systems, e.g. web servers, mail servers, ftp servers, DNS servers, routers, firewalls, etc. Delivered via SensePost infrastructure in the "cloud".

Internal Vulnerability Scanning
Continuous or on-demand vulnerability scanning of servers, workstations, network devices and peripherals such as printers and scanners connected to the internal LAN or WAN environment.

Web Application Vulnerability Scanning
Continuous or on-demand scanning of Internet-facing Web Applications for application-level vulnerabilities like SQLi and XSS.

PCI ASV Vulnerability Scanning
Continuous or on-demand scanning of Internet-facing servers, e.g. web servers, mail servers and DNS servers, and Web Applications, e.g. e-commerce applications for the purpose of PCI DSS compliance. SensePost is a PCI-ASV. SensePost offers a comprehensive support service around the vulnerability scanner that ensures the customer fully understands the findings and associated implications within the context of the report.
Thus, in addition to the automated scans that the customer may request at any time, SensePost will manually oversee the execution of each mandatory quarterly scan and oversee the findings in the report to verify their accuracy and relevancy with regard to the DSS. Moreover, experienced SensePost analysts are available on a business-hours basis to field any queries and provide support around scanner output.

Database Vulnerability Scanning
Continuous or on-demand scanning of databases like MS-SQL, Oracle and DB2 for vulnerabilities, security misconfigurations and policy compliance.

Active Directory Vulnerability Scanning
Continuous or on-demand monitoring of the Microsoft Active Directory (AD) group membership and changes. Reports changes to important sensitive groups like Administrators, Finance and HR so that potential authorisation breaches can be detected.
Specifications

Underlying Technology:

Active scanning: Targeting can be manual or obtained from device attributes which are continuously collected and grabbed from LDAP data such as from AD
Host-based scanning: Local policy or compliance scanning
Internet-based scanning: Available on the Internet as SaaS. Otherwise a dedicated. can be placed in a DMZ to scan from the "outside"
Distributed and optimised scanning: Agents can be placed at remote sites to reduce bandwidth costs or at a central location to allow for faster scanning.
Multi-operating system support: Any device communicating over TCP/IP can be scanned
Multi-database support: Compliance scanning includes DB2, Oracle and MS SQL
Manual scanning mode: Scans can be scheduled or manually launched as once-off scans
Scanning for non-standard ports: Full scanning mode will scan for all 65k ports
Attribute collection: Gathers default configuration data and other attributes of all devices scanned - including IP address, hostname, open ports, installed service packs, SMS agents, Bind version etc. Attribute collection is used to either identify new asset groups or to report on specific issues.

Administration Features:

Excellent reporting capabilities: Management and full technical reports available
Detection of missing patches: There are very specific Microsoft checks. Most other devices are included as well
Performance management: Network bandwidth is monitored and scans are automatically adjusted to minimize impact on network performance
Vulnerability ranking: Default ratings are given but can be moderated depending on mitigating controls in place
Scalability: Extra IP addresses can be scanned as required.
Easy updating: Software updates are pushed down to the servers automatically as they become available
Detection of most vulnerabilities: 28 000 checks give or take a hundred
Detection of applicable vulnerabilities: Continuous or on-demand scanning of Internet-facing Web Applications for application-level vulnerabilities like SQLi and XSS
Frequent updating of attack signatures: Can be daily, depending on how they are released or developed
Graphical or web interface: Web interface.
Hardware required: Minimum specs are provided; client can provide the hardware
Installation procedures: As a managed service, all installation, configuration and maintenance performed by SensePost.
Training: Very little training is required but short courses are available at any time at no additional cost.

Reporting features:

Format: PDF and CSV formatting possible. PDF reports are sorted according to either IP address or Vulnerability. A summary report can be downloaded only presenting the vulnerability header and the IP address
Configurability: Any reasonable report changes can be requested from SensePost at no additional cost
Customisation: Reports can be customised to include branding, specific names, data classifications, responsible persons etc.
Flexibility: New tests, new attributes, and new reporting blizzards can be added without cost. Additional scanning engines can be requested costs
Prioritised reporting: By default reports are sorted according to either the highest risk (weighted issues) or according to the IP address with the highest weighted number of risks. Where a specific need is identified this could be developed to suit the customer
Sorting of data: The online reporting feature allows for sorting according to weighting, IP address, issues, hosts etc.
Exporting to other programs and formats: PDF and CSV. XML output can be provided through an API.
Different view: Targets and vulnerabilities can be viewed through a Vulnerability, Attribute and Desktop Blizzard view.
Time-series reporting: The blizzard desktop can be tasked to show vulnerabilities or numbers of hosts scanned over a period of time.
Dashboard reporting: Users are able to easily create personalised desktop views according to their security role within the organisation. Each desktop can be populated with any number of widgets called Blizzards. Blizzards are SQL queries that are displayed in individual windows as charts or tables. These Blizzards can also be downloaded as CSV or PDF reports - apart from the additional reporting features. Blizzards can be specific to a single scan, across all scans, in a time-series, xy graphs, or across a certain asset group.
Issue reporting: Issues are reported to include descriptions, impact, CVSS numbers, CVE numbers, recommendations and external links. Raw output of scan results can be enabled if so required

Performance:

Use of multiple scanners on enterprise network: Agents can be placed at remote sites to reduce bandwidth costs or at a central location to allow for faster scanning.

Support

Local Support: Telephonic and email support is available worldwide.
On-site visits are available at no additional cost in the United Kingdom and South Africa.