With increasingly sophisticated attacks on the rise, the ability to quickly mitigate network vulnerabilities is imperative. If left undetected, vulnerabilities could pose a serious security threat to customers by leaving flaws available for criminals to exploit.
CNS Mosaic Managed Services use a Unified Security Management (USM) Platform to provide Vulnerability Management.
This module is designed to proactively identify weaknesses in the security posture of their IT estate. The module is designed to
- Know what's connected to your network
- Create and schedule unlimited vulnerability scans
- Use authenticated and unauthenticated scanning modes
- Use active and passive scanning modes
- Schedule run and email distribute (if required) standard and customised reports
- Correlate asset, vulnerability, and threat data automatically
Vulnerability Assessment and Remediation
In built scanners look for known security problems such as unpatched, insecure or poorly configured software, open TCP ports, etc. These can be run on an ad hoc or scheduled basis. Running vulnerability test ensure:
- Keep up with Software Patches.
- Ensure customers are aware of critical assets.
- Ability to identify which assets are vulnerable when doing incident response.
- Determine which vulnerabilities require immediate attention.
- Set up a scanning and reporting cadence.
- Keep an eye on known bad actors
Vulnerability Scanning and Reporting
Regular vulnerability scanning is a critical component of all successful information security programs and is a required component for many compliance regimes (such as HMG, ISO27001 and PCI-DSS). Scheduled scanning and reporting ensures a continuous holistic view of the potential weaknesses on customer networks.
Scheduled scans are automatically run against assets and the reports created can then be used to provide early identification of security flaws. Remediation plans can then be regularly updated to ensure our customers can react quickly and appropriately, close security holes and help defend against attacks and data compromises.