How can you do better vulnerability assessments?
There are many vulnerability scanning solutions on the market. They all use the daily feeds from the NIST National Vulnerability database as a core data feed. Each of your systems is scanned (often an agent needs to be installed to scan non-network visible components). The process of installing, often a dissolvable agent, scanning and processing the results for a large network can take a considerable time. This means that manyorganisation scan weekly, monthly or, in some cases, only once a year.
Key problems with traditional scheduled scans include:
- They are not responsive to new, critical vulnerabilities that maybe found between scans
- They are often run at quiet times – to reduce the impact of scanning loads – and may miss connected systems
- They are often disconnected from the discovery / asset management process, again, meaning systems may be missed
- They often lack information so that a prioritised change plan can be quickly built – adding to workload and adding delays to plugging vulnerability holes.
How can Rebasoft help?
Rebasoft’s real-time asset discovery capability means you get the latest, detailed knowledge of every assetyou need to protect. There are facilities for tagging the most important systems to help with remediation priorities in your change control processes.
Our vulnerability scanning capability means the system can be scheduled to scan every device it finds – without you needing to manually set each scan up. It means
- Regular scans will pick up relevant vulnerabilities automatically
- Cross-referencing with device importance – and current connection status – means assessing and building change requests to install the most critical updates can be done with less effort and more accuracy