SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
15 Apr 2014

Cloud-Based vulnerability management solutions

Cloud-based vulnerability scanning services can range from the core scanning services to components in a broader set of managed security services. In this article we will consider four such services: WebSAINT, ImmuniWeb, BeyondSaaS and Dell Secure Works Vulnerability Scanning service.

WebSAINT

SAINT has a long history in vulnerability scanning and the WebSAINT and WebSAINT Pro vulnerability scanning services make the SAINT scanner available through a SaaS model. The WebSAINT service includes PCI ASV scans, vulnerability scanning on external targets, scheduling options as well as multiple reports. The WebSAINT Pro version includes penetration testing, checklist compliance, Web application scanning along with custom and predefined reports.

The services scan TCP and UDP ports on customer devices or networks. When an application with known security concerns is detected, a detailed analysis is performed and results are stored for later reporting. Either service can be used without installing local agents. Scans can be performed on demand or on a schedule.

ImmuniWeb

The ImmuniWeb vulnerability assessment service from High-Tech Bridge takes a slightly different approach to scanning. The ImmuniWeb service uses both automated scanning and manual penetration testing to compile a report on your site’s vulnerabilities. The process required begins by registering your site with High-Tech Bridge and filling out an assessment based on your requirements. The scan and penetration tested is performed at an agreed upon time and completed within 12 hours. The assessment report is reviewed by a quality assurance team at High-Tech Bridge before being sent to the customer.

ImmuniWeb reports include three or more remediation techniques for each identified vulnerability. One advantage of the human review is that auditors can suggest the most appropriate remediation technique, such as modifying Web application source code, revising the Web application firewall rules, or applying a vendor supplied patch. The costs of an ImmuniWeb assessment is $639.

BeyondSaaS

For organizations most concerned with maintaining the security of external devices, such as web servers and web applications, services such as BeyondTrust's BeyondSaaS might have the right combination of products. The company offers unlimited network scans, starting at $3,500 per year as well as single web application assessments for $770 per application. 

The BeyondSaaS service includes assessments of network devices, operating systems, and ports while maintaining less than a 1 percent false positive rate. The web application scanning service detects SQL injection, Cross-Site Scripting, Cross-Site Request Forgery, and operating system command injection vulnerabilities. BeyondSaaS assessment reports include vulnerabilities and remediation suggestions. PCI compliance oriented reports are also available.

Additional products for internal scanning are available from BeyondTrust and include Retina Network Security Scanner and Retina CS. A free version of the scanner, the Retina Network Community edition, provides basic assessment and reporting on up to 256 IP devices.

Dell Secure Works

While ImmuniWeb and SAINT offer basic scanning services, companies with complex security requirements may want to consider managed security services, such as Dell Secure Works. Dell's offering includes vulnerability scanning based on QualysGuard Vulnerability Management technology. The services include scans of web servers, network devices, application servers, and databases in both on-premises and cloud deployments.

The QualysGuard vulnerability scanner is agentless and provides device discovery operations. The scanning services include regular updates to the vulnerability database, detailed reports including exploitability information, and zero-day threat intelligence. The Dell service includes a vulnerability management team, flexible reporting, and remediation workflows available through a service portal.

Dell's vulnerability scanning service is sufficient to comply with PCI, HIPAA, GLBA and NERC CIP requirements.

Tags:
data protection
Source:
Tom's IT Pro
1658
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015