Search
Home > Expertise > Network Management > Vulnerability Assessment Service > Overview >

Vulnerability Assessment Service - Overview

NetStar's Vulnerability Scanning Service provides a comprehensive, non-intrusive scan of customer's IT infrastructure.

It is designed to help organisations manage vulnerabilities that may affect their business if a threat exists, and has the most complete repository of all known vulnerabilities. The service can scan for vulnerabilities on all IP-based systems.

The key deliverable of the service is the automated report, which is available in a variety of formats. It prioritizes vulnerabilities and enables you to rapidly identify and remediate the risks that represent the greatest threat:

  • Vulnerabilities summarized by risk level
  • Top vulnerabilities by host and service
  • Explanations of each vulnerability and recommended remediation.

Why is Vulnerability Scanning important?

The rate at which new vulnerabilities in existing technologies are being discovered is increasing exponentially. The time period between discovering a new vulnerability and its exploitation is getting shorter all the time. Many enterprises find it a major challenge to maintain their security posture on the face of these fast emerging threats and vulnerabilities.

The 2007 CSI Annual Computer Crime and Security Survey - one of the most reputable and widely quoted set of statistics in the industry - reported a significant upswing in estimated losses from cyber-crime, after years of decline. Many of the top dollar amount losses by type of attack, below, can be attributed - directly or indirectly - to vulnerabilities that were exploited.

The CSI report noted that as the IT sector retools its applications using service-oriented architectures this will "create a mother lode of new vulnerabilities that will be very difficult to contain".

ROI case for a Vulnerability Assessment Service

The ability to perform effective internal vulnerability assessment often requires a (costly) specialized network security team. Many commercial vulnerability assessment solutions are deemed too costly to invest in for a process not seen as a top priority. The periodic vulnerability assessment services offered by third-party security service providers are mainly used by enterprises for periodic assessment in compliance reporting or during major infrastructure changes, and are fairly expensive due to their bespoke and people-intensive nature.

While NetStar does not recommend that a vulnerability scan completelt replaces periodic, detailed security assessments by a security consultant, the Vulnerability Assessment Service makes it a cost-effective solution for regular scanning that achieves prompt response and protection against the latest vulnerabilities.