
VS

Vulnerability Scanner

Security analysis, vulnerabilities, CVE, CVSS

Product overview

Scanning information assets with enrichment from any external services (additional scanners, The Data Security Threats Database and other analytical databases) to analyze the security of the infrastructure.

Security Vision VS automates scanning for technical vulnerabilities and monitors the security state of assets, allowing you to proactively identify weaknesses in the infrastructure before attackers exploit them.

The product helps to assess the overall security level of the system and identify the most critical threats, complying with the requirements of strategic security and providing a foundation for the vulnerability management process.

Application

Vulnerability detection


The scanner supports several modes of operation, including white-box (audit) and black-box (pentest) modes, scanning of web applications and containers, as well as file scanning and retrospective scanning, which instantly finds vulnerabilities in the results of previous scans.

Regular verification


Scans are managed flexibly through schedules and defined "windows" for security checks (down to each individual company asset). Based on the results, criticality and SLA are determined automatically from the parameters of the objects (CIAT, CVSS, etc.).

Scanners and results management


The product supports a large number of system and application software packages and containers and can use a detachable (standalone) agent for isolated network segments, which yields high-quality results. It can also work simultaneously with third-party scanners.

Examples and integrations

Supported types of object

The product is able to look for vulnerabilities in a large number of system and application software, as well as network devices, for example:

- operating systems: Astra Linux, Alt Linux, Red Hat, Ubuntu, CentOS, Oracle Linux, Debian (including all Debian-based systems), Windows desktop and server versions;

- MS Office (with click-to-run, Exchange and SharePoint versions), databases (MS SQL, PostgreSQL, MySQL, Oracle, Elasticsearch);

- network devices (Cisco, Juniper, CheckPoint, PaloAlto, Sun, etc.);

- Docker containers (running and stopped) and their images.

Advanced modes of operation

In addition to white-box mode for audit and security analysis, black-box (pentest) mode is supported. It checks whether network vulnerabilities can be exploited, including with the most serious exploits, and supports weak-password guessing, checks for outdated or vulnerable encryption algorithms, and more than 80 fully open expert scripts.


Web application scanning checks for XSS, CSRF, SQL injection, RFI, code injection, disclosure of internal information and site settings, and user enumeration, and also checks whether specific web vulnerabilities can be exploited.


Container scanning checks containers that are running or stopped at the time of the scan, as well as their images available on the host, including in environments managed by Kubernetes.


Retro scan searches for vulnerabilities instantly using previously collected asset data, without connecting to the assets or waiting for scan windows. It is the fastest mode of operation and is convenient for frequent checks for new vulnerabilities and for targeted searches in response to internal and external requests.

Multiscanner

The Security Vision scanner can work simultaneously with any third-party security analysis solution, such as MaxPatrol 8 and MaxPatrol VM, Tenable.IO and Tenable.SC, Redcheck, Nessus and Qualys, so that all results are aggregated for further processing and vulnerability remediation.

Vulnerability parameters

Vulnerability cards can be generated independently through the built-in object editor or using pre-configured metrics:

  • CVSS v2.0/3.0/3.1 (base and temporal)
    • Base vector (Attack Complexity, User Interaction, Scope, Confidentiality and Integrity Impact, Attack Vector, Privileges Required)
    • Temporal vector (Exploit Code Maturity, Remediation Level, Report Confidence)

The full card displays detailed information about the vulnerability (ID, creation date, criticality) with the ability to use tags (by matching part of the description text with one of the entries in the custom handbook). General information includes the CVE code, dates of first and last detection and other information from all available sources.

Analysis of detected vulnerabilities and the link graph

Depending on the applied security scanners, external and internal analytical services, the solution builds links between objects for quick navigation through cards or link graphs (vulnerability groups, remediation requests, assets and other objects).


Additionally, clickable links to remediation guides and vulnerability descriptions from various sources are provided.

Report generation

For vulnerabilities and trouble tickets, you can generate a report from your own template and export it as a file in various formats:

• pdf;
• txt;
• docx;
• xlsx;
• ods;
• odt;
• csv.

Reports can contain any properties obtained in the vulnerability remediation cycle.


The appearance can be customized granularly with the choice of fonts, colors, images and logos, diagrams, indents, numbering, headers and footers, and other characteristics.

Get a demo of a
Security Vision product

Mail us to sales@securityvision.ru
or get a demo

Media

Security Vision Next Generation VM (Vulnerability Management) (long version)

Other products

SOAR

Security Orchestration, Automation and Response

Automation of response to information security incidents using dynamic playbooks and information security tools, building an attack chain and with an object-oriented approach

NG SOAR

Next Generation SOAR

Automation of response to information security incidents with built-in basic correlation (SIEM), vulnerability Scanner (VS), collection of raw events directly from information security tools, dynamic playbooks, building an attack chain and an object-oriented approach. AM and VM are included

TIP

Threat Intelligence Platform

Cybersecurity threat data collection, analysis, enrichment, infrastructure detection, investigation and response.

AM

Asset Management

Description of the IT landscape, detection of new objects on the network, categorization of assets, inventory, life cycle management of equipment and software on automated workstations and servers of organizations

RM

Risk Management

Formation of a register of risks, threats, protection measures and other control parameters, assessment using the chosen methodology, formation of a list of additional measures to change the level of risk, control of execution, periodic reassessment.

UEBA

User and Entity Behavior Analytics

Building behavior models and detecting deviations from them using several dozen built-in static analysis rules.

ORM

Operational Risk Management

Accounting and recording of operational risk events, monitoring of key risk indicators and self-assessment/control

VM

Vulnerability Management

Building a process for detecting and eliminating technical vulnerabilities, collecting information from existing security scanners, update management platforms, expert external services and other solutions

CM

Compliance Management

Audit of compliance with various methodologies and standards

AD + ML

User and Entity Behavior Analysis

Dynamic behavioral analysis to search for anomalies using machine learning and to search for possible incidents.

BCP

Business Continuity Plan

Automation of ensuring continuity and restoration of activities after emergencies.

FinCERT

Financial Computer Emergency Response Team

Bilateral interaction with the Central Bank, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator

GovCERT

Government Computer Emergency Response Team

Bilateral interaction with the state coordination center for computer incidents, namely the transfer of information about incidents and receipt of prompt notifications/bulletins from the regulator

OTS

Operational Technology Security
