The ever-changing nature of networks requires organizations to constantly reassess their network, server and workstation security. The number of known software and operating system vulnerabilities increases by the dozen every single day. By Multiplying possible targets with all known vulnerabilities, you end up with a huge number that nearly increases exponentially. All it takes is a single vulnerable host to bring you down. Basically, your network is only as strong as its weakest link. How does an IT organization stay abreast of security in this shifting landscape? The answer is Vulnerability Scanning.
Vulnerability scanning is the best way to provide controlled, repeatable security analysis of the hosts and devices on your network. By probing your hosts and comparing the output with known vulnerabilities published in the CVE, CAN and other exploit databases, a vulnerability scanner can tell you which of your hosts are vulnerable to the Nimda worm, a remote buffer overflow exploit, or an exotic race condition. The more often you probe your network, the more likely you are to catch problem boxes before they happen, or discover previously unknown vulnerabilities in hosts you once thought of as "clean." In addition, an IT organization can use the technology to test standardized desktop/server images for patchable issues prior to release, identify rogue devices on your network, or track down a contractor laptop with a backdoor trojan installed on it.
Prometheus Global has spent many years working with the top vulnerability scanning products and has even developed some of their own. From the venerable nmap to the up-and-coming priducts such as hadow Security Scanner, Prometheus Global has worked with them all. We can assist you by performing periodic vulnerability scans of your network and providing you with detailed reports to help you track down and eliminate vulnerable hosts. We can also assist you in developing your own in-house vulnerability scanning capability, with product and technical support and guidance, as well as training to get your staff started.
Most large-scale attacks and compromises do not come from exotic zero-day attacks but rather from known, patchable vulnerabilities that went unnoticed. Avoid being a statistic. Start your vulnerability scanning program today.