Managed Vulnerability Scanning Service 1

Managed Vulnerability Scanning Service

I.T. Security Specialists

2 Managed Vulnerability Scanning Service

BACKGROUND

Vulnerabilities are regularly discovered within networks, operating systems and applications. These occur due to software bugs, flaws or weaknesses in system security design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy.

At Caretower, our Managed Vulnerability Service provides a comprehensive scan of your systems to identify any vulnerability. This can be done by supplementing your existing IT team or by outsourcing to our security operations team. We offer 24/7 cover, giving peace of mind that your information and infrastructure are protected against emerging threats by our highly-skilled security professionals using best of breed solutions.

Caretower Managed Vulnerability Scanning ServiceOur managed Vulnerability Scanning service utilises the Nessus vulnerability scanner. Nessus is recognised as the industry leader for vulnerability, configuration and compliance assessments, it is the world’s most widely deployed vulnerability scanner. Nessus prevents network attacks by identifying the vulnerabilities and configuration issues that hackers use to penetrate your network.

Nessus supports the widest range of network devices, operating systems, databases and applications in physical, virtual and cloud infrastructures. With a continuously updated library of more than 60,000 vulnerability and configuration checks (plugins), it can deliver the following scanning capabilities:

Î Accurate, high-speed asset discovery

Î Compliance auditing: FFIEC, FISMA, CyberScope Reporting Protocol, GLBA, HIPAA/HITECH, NERC, PCI, SCAP, SOX

Î Configuration auditing: CERT, CIS, COBIT/ITIL, DISA STIGs, FDCC, IBM iSeries, ISO, NIST, NSA

Î Patch auditing: Includes patch management integration with IBM® TEM for Patch Management, Microsoft® SCCM and WSUS, Red Hat® Network Satellite Server, and VMware® Go

Î Control systems auditing: SCADA systems, devices, and applications

Managed Vulnerability Scanning Service 3

Î Sensitive content auditing: PII (credit card numbers, SSNs) and intellectual property

Î Mobile device auditing: Lists iOS, Android™, and Windows Phone 7 devices accessing the network and detects mobile vulnerabilities

Î Vulnerability scanning for:

Î Network devices: Juniper, Cisco, Palo Alto Networks, firewalls, printers, and more

Î Virtual hosts: VMware ESX, ESXi, vSphere, vCenter

Î Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries

Î Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL

Î Web applications: Web servers, web services, OWASP vulnerabilities

Î Compromise detection: Viruses, malware, backdoors, hosts communicating with botnet-infected systems, web services linking to malicious content

Î IPv4/IPv6/hybrid networks

Î Credentialed scanning detects local vulnerabilities and conditions

Î Non-credentialed network-based scanning finds new hosts and vulnerabilities

This product has the capability of flexible and customisable reporting on discovered vulnerabilities and their severity, scan results, remediation recommendations, and scan improvements via email.

Before our Managed Vulnerability Scanning service goes live, we consult with the customer regarding the frequency and type of scans required. Internal scans will require installation of a Nessus agent on the customer’s premises.

If you would like more information on any

of our services, please speak to your dedicated Caretower

Account Manager or if you don’t have one, email:

info@caretower.com

4 Managed Vulnerability Scanning Service

We always put our clients first. To ensure you get the most use out of your managed services, we provide the option of various types of scans to suit your requirements.

The following table outlines the frequency and types of scans that can be configured and scheduled.

Scan Type Weekly Monthly Quarterly

Basic (external)

Basic (internal)

Advanced (external)

Advanced (internal)

These scan types can be combined at varying time intervals, for example a basic scan can be run weekly, and an advanced scan monthly. Once a scan is run, a report will be sent to the customer via email.

Recipients of these reports will be agreed with customers during service setup and transition. Scans can be run on the external or internal network, safely and accurately detecting vulnerabilities across the entire network or cloud environment.

MANAGeD VUlNeRABility SCANNiNG SeRViCe eleMeNtS

Managed Vulnerability Scanning Service 5

SCANNeR teMplAteS NAMeS AND DeSCRiptiONS

Scanner Template Name Scanner Template Description

Basic Scan

Basic Network Scan For users scanning internal or external hosts.

advanced Scan

Advanced Scan Scan template for users who want total control of their scan or policy configuration.

Audit Cloud InfrastructureCompliance specific template used for auditing the configuration of third-party cloud services.

Bash Shellshock Detection Remote and credentialed checks for the Bash Shellshock vulnerability.

Credentialed Patch Audit Log in to systems and enumerate missing software updates.

GHOST (glibc) Detection Credentialed checks for the GHOST vulnerability.

Host Discovery Identifies live hosts and open ports.

Internal PCI Network Scan

For companies required to run an internal scan to meet Payment Card Industry Data Security Standards (PCI DSS) internal scanning requirements (11.2.1).

In addition, Nessus Cloud is Tenable’s Approved Scanning Vendor (ASV) solution for adherence to PCI DSS 11.2.2 external scanning requirements by performing vulnerability scans of Internet facing environments.

MDM Config AuditCompliance specific template used for auditing the configuration of Mobile Device Managers (MDM).

Mobile Device Scan For users of Apple Profile Manager, ADSI, MobileIron, or Good MDM.

Offline Config AuditCompliance specific template used to upload and audit the config file of a network device.

PCI Quarterly External ScanAn approved policy for quarterly external scanning required by PCI. This is offered on Nessus Cloud only.

Policy Compliance AuditingCompliance specific template used to audit system configurations against a known baseline provided by the user.

SCAP and OVAL Compliance Auditing

Compliance specific template used to audit systems using Security Content Automation Protocol (SCAP) and OVAL definitions.

Web Application Tests For users performing generic web application scans.

Windows Malware Scan For users searching for malware on Windows systems.

The advanced scan gives the administrator total control over the policies, plugins and compliance checks, and also enables utilisation of custom audit files and gives the ability to configure speciality scans as in the table.

Why CARetOWeR?As an independent IT security specialist, with over 17 years’ experience, we provide comprehensive solutions to individual problems, thus allowing our recommendations to be unbiased. Over the years, we have quickly established many long standing relationships with all of our vendors, achieving the highest status within these organisations based on the level of expertise within our internal sales, support and professional services teams.

This relationship ensures we provide our customers with key changes within the industry which assists in their on-going security management strategy.

Î Live global 24/7 Managed Service

Î Dedicated GIAC Certified Digital Forensic Security Engineers (SANS (SysAdmin, Audit, Networking, and Security) Institute)

Î We are CSA (Cloud Security Alliance) member and ISO 27001 Accredited

Get in touch:

020 8372 1000

info@caretower.com

www.caretower.com