Vulnerability Scanning Tools
Vulnerability scanning tools can help you automate security auditing and can play a crucial part in your IT security strategy. Finding vulnerabilities goes beyond simply scanning for services that are exposed to the network. Successful vulnerability scanning also involves deep inspection of endpoints to ensure that they are configured securely and correctly.
Stay ahead of threats…pre-empt vulnerabilities with Vulnerability Scanning Tools!
Endpoint Vulnerability Scanning
While vulnerability scanners are great at detecting known security threats on endpoints, they have several problems that make continuous or frequent vulnerability detection difficult. One major issue is the fact that scanners are only looking at the network-exposed services on an end point. Another issue is bandwidth; vulnerability scanners operate using a “black box” approach that requires them to attempt to connect to end points dozens – and sometimes, even hundreds – of times, potentially saturating networks and impacting critical services operating across the network.
End point vulnerability scanning and detection through Promisec takes an entirely different approach.
- Leveraging our patented agentless technology, we can inspect an endpoint completely in 10 seconds or less and determine immediately any known CVE’s for the installed applications running on that endpoint.
- This allows customers to run Promisec technology across their entire enterprise, during business hours including their production environments.
- By being fast, unobtrusive, remote but application focused, we believe you can achieve true endpoint vulnerability detection at scale.
Scan, Prioritize and Remediate vulnerabilities with ease
As part of the security inspection:
- While inspecting an endpoint, we can Start/Stop Services if set in the inspection policy
- Kill processes if set in the inspection policy
- Attempt to start Antivirus if not running
Once the inspection completes and the results are processed:
The solution allows the operators to perform manual remediation operations:
- Install Software
- Uninstall software
- Add/Remove Administrators of the local admin group
- Remove open shares
- Browse endpoint local drives
- Remote Control operations on an Endpoint
- User defined actions
The solution offers the ability to remediate without operator intervention based on the results of an inspection that will be used to trigger the action:
- Install Software
- Uninstall applications from our Blacklist
- Uninstall applications not in the Blacklist using VBS/BAT scripting
- Run Commands
- Implement user-defined specific actions via scripts/command lines