Identify all your theoretical web application and network security weakness.
Vulnerability Scanning
CyberHunter Solutions offers one-time or regularly scheduled vulnerability scans of your external perimeter, web applications or internal network. Track your risk improvement over time with our automated scanning services. Receive detailed remediation reports to harden your network fast.
Vulnerability Scanning
Also known as a Vulnerability Assessment or Vulnerability Management this service is used to identify KNOWN security issues that can theoretically be exploited to impact the Confidentiality, Integrity and / or Availability of your corporate data or services.
44%
The percentage of threats that go undetected by traditional, automated cyber security tools (AV, NGFW, SIEM, etc.)
6 Months
This is the AVERAGE amount of time that an attacker dwells in a network until discovered (usually by an outside organization).
70%
The percentage of organizations who say their top cyber security challenge is the detection of hidden, unknown and emerging threats.
The right Vulnerability Assessment can save you from being the next headline.
Continuous Vulnerability Management is one of the most fundamental cyber security services an organization can perform and is considered one of the “Basic Controls” by the Center for Internet Security (CIS).
Vulnerability Scans can be performed at various layers of the technology being tested. For example, a web server can be tested at both the web application layer, AND it can be tested at the server layer to assess the configuration of the host platform.
In plain terms, if we imagine that your application or network device is a locked door, a vulnerability scan tries to identify all the known keyholes that exist on that door. Vulnerability scanning does not attempt to open the locks…that is what penetration testing does.
CyberHunter performs the following types of Vulnerability Scans:
- External scanning of the network perimeter
- Internal scanning of devices inside the network
- Web Application Scanning (with or without credentials)
- One-time vulnerability scans
- Continuous vulnerability scans (e.g. monthly, quarterly, etc.)
- Vulnerability Scanning can be performed against the following types of targets:
- Laptops / desktops, and any connected device with an IP address
- Servers (on-premise or cloud-hosted)
- Network security devices (e.g. firewalls)
Websites and Applications
Vulnerability Assessments vs. Penetration Tests?
Vulnerability assessments and penetration testing are terms that are used interchangeably but are ultimately different services. In plain terms, a vulnerability assessment is like a thief making a note of all your points of entry and identifying the locks you have in place. Penetration testing, on the other hand, is actually picking the lock and getting inside — but with permission.
What is a Compromise Assessment?
A compromise assessment is a proactive survey of networked devices (e.g. Windows desktops) in order to detect threats that have evaded existing security controls inside the organization. The goal is to reduce Dwell Time of attackers (catch them before they do damage), and to regularly measure the effectiveness of your security posture by providing hard evidence of the forensic state of the endpoints.
Any Threat Assessment Should Be:
- Effective – At detecting all known variants of malware, remote access tools, and indications of unauthorized access.
- Fast – Assess a large network within hours.
- Affordable – A typical organization should be able to conduct it proactively and regularly (i.e. weekly/monthly/quarterly).
- Independent – The assessment should not rely on existing detection tools already in the environment.
Why Choose CyberHunter?
- The CyberHunter Pen Test 2.0 methodology leverages the most advanced tools, techniques and procedures in the industry to enumerate, identify and report on your existing security posture.
- We are the only threat assessment solution that can perform an advanced Vulnerability Scan and Pen Test while simultaneously hunting for, and identifying Advanced Persistent Threats that are ALREADY embedded in you network.
- CyberHunter gives you the insight and cyber intelligence you need to be proactive.
BE PROACTIVE.
Trust in a network device is very temporary. Be proactive and ensure you scan, test and hunt on a regular basis.
TRUST NOTHING.
Security teams should NEVER trust an endpoint or server until it can be PROVEN to be trusted.
MALWARE CAN GET IN.
Companies need to prepare and be ready to respond to advanced persistent threats.