Security Vision introduces updated Vulnerability Scanner, which significantly enhances security monitoring capabilities for corporate infrastructure. This version includes new analytics tools, expanded scanning capabilities, and improved vulnerability identification process management.
A scan log with vulnerability lifecycle tracking
Has been implemented, enabling monitoring of the full lifecycle of each vulnerability on an asset. The system automatically records the date a vulnerability was first detected and calculates its lifetime on the asset. All fixed vulnerabilities are stored in the log for analyzing the security team's performance. The log automatically compares the results of successive scans, highlighting new, resolved, and remaining vulnerabilities, allowing you to see the dynamics of problem resolution over time.
Enhanced support for Russian regulatory requirements.
An updated algorithm for calculating vulnerability severity and determining remediation deadlines has been implemented in accordance with the FSTEC methodology of June 30, 2025. The system takes into account new regulatory requirements and automatically generates recommendations for remediation deadlines, helping organizations comply with current regulatory requirements.
Enhanced network hardware scanning:
Support for network hardware from leading manufacturers has been significantly expanded. Full support for PaloAlto devices has been added. Networks – the system can scan firewalls and next-generation security solutions via SSH, retrieve vulnerability data and remediation recommendations from official vendor sources. For all supported vendors, vulnerability reports are automatically updated with remediation information.
Improved scanning process management.
New scanning task management features have been added: detailed real-time scanning status display with progress indicators, as well as monitoring of running processes with the ability to force them to stop. The interface for creating and managing scan templates has been completely redesigned to make it easier to configure parameters and reuse configurations.
Expanded BlackBox Testing Capabilities:
BlackBox scanning functionality has been significantly expanded. Checks for current critical vulnerabilities in popular libraries and frameworks have been added, along with integration of automated SQL testing tools. Injection, as well as automatic detection of web technologies used for a more accurate attack surface assessment. Specialized modules for security testing of popular DBMSs have been implemented.
The ability to control scanning intensity for both BlackBox and WhiteBox modes has been added. This allows for flexible adjustment of the load on target systems, avoiding overloading critical services during security checks.
Gentoo Support Linux
Added full support for the Gentoo distribution Linux – both as a source of vulnerabilities and for scanning. The system automatically detects installed packages and their versions, comparing them with up-to-date vulnerability data from official Gentoo sources.
APCS Testing:
Support for the Modbus protocol has been added for detecting vulnerabilities in automated process control systems. This allows industrial organizations to conduct a comprehensive security assessment of not only their IT but also their OT infrastructure.
WMI scanning Windows
Added the ability to scan Windows systems via WMI (Windows Management Instrumentation) to obtain information about installed software and updates. WMI scanning is available in both agent-based and agentless modes, providing deployment flexibility across various infrastructures. Extended WMI inventory includes data collection on installed Windows updates (KBs), DNS configuration, and installed applications.
Vulnerability Reachability Graph
A mechanism for constructing a vulnerability reachability graph based on the network infrastructure topology has been implemented. The system automatically analyzes firewall rules and routing, determining which vulnerable systems could be reached by a potential attacker from various points on the network. This allows for a more accurate assessment of real risks and prioritization of vulnerability remediation based on their actual reachability, not just their theoretical criticality.
Expanded vulnerability assessment and enrichment.
The entire vulnerability database is provided with a Russian translation while preserving the original text, allowing security specialists to work with information in their native language without losing access to the original wording.
Vulnerability cards are enriched with additional metrics and recommendations: exploitation probability assessments, data on vulnerable systems detected on the public internet, and expanded vulnerability remediation recommendations from the National Coordination Center for Cybersecurity and Information Security. All metrics are regularly updated, ensuring the relevance of information for decision-making.
For the FSTEC methodology, vulnerability and asset data is also automatically enriched to meet the regulator's requirements.
Dynamic Asset Groups and Categorization:
Dynamic asset groups have been implemented, automatically generated based on specified criteria (OS type, version, vulnerability presence, etc.). A directory of asset categories has been added, along with the ability to automatically classify them based on service banners and other characteristics. Automatic infrastructure inventory capabilities have been expanded, including scanning by FQDN list and inventorying various equipment types.
Results
Updated version of Vulnerability Scanner provides information security teams with significantly deeper capabilities to analyze their security posture, prioritize work based on real threats, and monitor the effectiveness of vulnerability remediation.
.jpg)
