Network Vulnerability Scanning
Special Promotion: 2017
Purchase a one-time Best Practice or HIPAA Vulnerability Scan and get your first 5 IPs for FREE.
A network vulnerability scan is designed to identify live network hosts, operating systems, applications, and vulnerabilities with the use of automated scanning tools. Vulnerability scanning will provide an overall snapshot of the vulnerabilities present on your internal and external networks to assist in vulnerability risk management.
Vulnerability scanning solutions help organizations gather information regarding potential weaknesses by unearthing every type of weakness that could potentially make your environment susceptible to breach. It is important to note, however, that vulnerability scanning can’t produce substantial amounts of data for your IT staff to discern which results are truly a threat… but it does create a list of potential items to mitigate.
Why should I have a vulnerability scan performed?
You should have a vulnerability scan performed to detect items such as forgotten or missing patches, misconfiguration of servers or network devices that could lead to a vulnerability (e.g. outdated OS).
How often should I run a vulnerability scan?
- After IT architecture changes or upgrades
- New office startups
- Policy changes
Internal vs. External: What’s the difference?
Internal Vulnerability Scanning
Identifying live hosts and providing a risk rating of vulnerabilities on the internal (local area) network(s)
External Vulnerability Scanning
Identifying live hosts and providing a risk rating of vulnerabilities on the external (public-facing) network(s)
Benefits of a Network Vulnerability Scan?
A MainNerve network vulnerability scan provides you with an automated scan of all in-scope networks in order to identify known security.
- Enumerate and identify networked systems
- Identify misconfigured and unpatched systems
- Determine remediation recommendations
- Vulnerabilities classified in a rating system with severity levels of impact
*Note: When validating the vulnerabilities discovered, MainNerve manually reviews all discovered vulnerabilities. This reduces false positives and provides an actionable list of vulnerabilities for remediation.
The MainNerve Vuln Scan Process
MainNerve scans external and internal networks to identify active devices. If a device is online, MainNerve records the IP address and continues to search for other active devices within the network. MainNerve then performs a port scan to determine what services are running on each active device in order to help with determine what types of vulnerability checks to perform against a port.
Active systems, or “live hosts”, are subsequently scanned via a commercial scanning tool(s), to identify vulnerabilities such as missing patches, misconfigurations, and risky services. The results are analyzed and verified, if applicable, for relevance.
In order to accurately measure/score the risk to the customer’s networks, MainNerve performs each and every network vulnerability scan using multiple frameworks (PCI, NIST) while utilizing the Common Vulnerability Scoring System Version 2 (CVSS v.2). CVSS v.2 is a widely-accepted standard for communicating the characteristics and impacts of IT vulnerabilities in organizations across the world. Its quantitative model ensures repeatable accurate measurement of vulnerabilities while enabling its users to see the underlying vulnerability characteristics that were used to generate the scores. The National Vulnerability Database (NVD) provides CVSS v.2 scores for almost all known vulnerabilities.
At MainNerve, the Reporting/Delivery phase of our network vulnerability scanning process is one we are incredibly proud of. We strive to effectively communicate the value of our service and findings—and provide you with the information you need to fix any identified vulnerabilities. A MainNerve Network Vulnerability Scan Final Report includes:
- Security Dashboard
- Risk Classification and Scoring
- Security Analysis
- Technical Summary
- Vulnerabilities by Severity
- Live Hosts by Severity
- Top 5 Most Vulnerable Hosts