October 19, 2017
A vulnerability scan is a technical security assessment which uses a set of tools to scan the network for known vulnerabilities (e.g. open ports, unpatched security updates) – sometimes incorrectly referred to as a Penetration Test.
A penetration test is basically an ethical hacker, hired to try and get into your organisation; via physical access to the building, using a fake ID, spoof phishing emails, or remote hacking – and will always be hugely successful if you have not adequately prepared your defences. First, you need to understand how to improve your security, close the wide-open doors and manage your infrastructure to ensure the doors remain closed. So, let’s look in-depth: What is a Vulnerability Scan and does my company need one?
The short answer is yes, your company does need one, but here’s why…
Vulnerability scans in depth
Vulnerability assessments are a scan which uses specialist tools to analyse your entire IT estate – network and servers, both external to the network (viewing the network from the outside) and internal to the network (from the inside). After the scanning software is deployed, the results are analysed and presented in actionable steps to correct security flaws.
If near the beginning of a journey to improve your company’s security, a vulnerability scan is a great way to set a benchmark from which future progress will be measured, as well as highlighting your most critical vulnerabilities from which a set of clear, actionable steps can be produced.
An organisation might not have recently reviewed their security, have a new team in place, or the IT infrastructure may have recently changed, through transformation, or acquisition of new companies or departments. Forming a prioritised, focused plan of action is critical to ensure the most effective steps are taken first, and precious time is not wasted within an already overstretched IT team.
With Comtact’s in-depth Vulnerability Scans, we paint the picture of your current state of security, giving you a number of quick wins that with significantly improve your security footprint in the fewest steps possible.
Carrying out the vulnerability scan
For internal vulnerability scans, on-site access is required to the internal company network, to plug in our suite of scanning tools into a suitable network port – full access is required. If the network is large, we find out how the network is segmented and perform systematic scans, each taking a number of hours. The scans need to be broken up into manageable, and logical chunks. For example, if there are 20 users on one site and 20 on the other, then each scan will be segmented by IP. Any high-value servers will be isolated and scanned individually.
The scans cross the network and checks every single available device, so the scans will check every printer, workstation, switch, firewall, server etc. It’s important to have an experienced individual complete the scans since, for example, for multiple servers, each server needs a separate scan. If scans are not segmented properly, there’s a risk of adversely affecting network performance if you scan all ports at the same time.
It is important to remember that a vulnerability scan is snapshot, a point in time. The scan produces a data dump, which is then analysed and processed, selecting items of importance and ranking them by priority, to ensure critical vulnerabilities can be quickly identified and fixed.
The results come back in a standard code of: Critical vulnerabilities; High vulnerabilities; Medium vulnerabilities; Low vulnerabilities; and Informational.
We then compile the data into easily readable charts to give a snapshot of how many critical and high vulnerabilities a company has – and then puts an action plan, or directly assists the organisation correct those issues, depending on the service each company requires.
Why would my company need a vulnerability scan?
Unless your company has already assessed your security patching policies and tested for open ports, unsupported software etc., every company would benefit from a vulnerability scan.
In fact, a quarterly vulnerability scan is the minimum requirement for the government-backed Cyber Essentials certification, and more regular assessment is advised for your most critical services. Experience shows that a scan will almost always uncover ‘Critical’ vulnerabilities, as well as act as a benchmark to prove the success of security policy improvements.
Other reasons you may require a vulnerability scan are:
- You’re being audited.
- For accreditation purposes – such as ISO27001.
- Achieving Cyber Essentials certification.
- Trying to understand the general status of your security.
Why choose Comtact to conduct your vulnerability scan?
A vulnerability assessment scan represents a highly effective first step towards a more secure IT security posture – and can make your organisation considerably less attractive to hackers in a matter of days.
Our expert assessment provides a comprehensive and detailed snapshot of your IT infrastructure, highlighting your exposure to known vulnerabilities, closing the door to attack from ransomware and other malware.
Once we’ve identified your vulnerabilities, you’ll receive an easy to digest report, with expert recommendations and remediation advice, with prioritised actions based on risk to emphasise the most effective course of action.
To help you make an informed decision, download our sample report to see how we can help you quickly reduce your exposure to known vulnerabilities.
“Getting the report back was very quick to help us understand where our vulnerabilities were. Comtact alerted us to a critical vulnerability and had it remediated within 15 minutes…. ”
IT Director, Elysium Healthcare
- Getting ready for Cyber Essentials PLUS certification
- 5 steps to get your business ready for Cyber Essentials certification
- Why is security patch management so important?
- The 5 critical security controls of Cyber Essentials PLUS
- INFOGRAPHIC: The 8 most common type of cyber attacks
About Comtact Ltd.
Comtact Ltd. is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).
Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact’s state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK’s leading organisations