IT Networks. How Frequently Should You Run A Vulnerability Audit?

vulnerability audit

Caption: Zen and the art of cyber security. Find out how daily security audits beat bi-annual pentests.

Some companies think that a bi-annual ‘pentest’ penetration test will keep their network safe. But the fact that, on average, 18 new cyber attack risks are discovered each day (in response to which SecludIT adds 18 vulnerabilities to its autoscan database of network threats) suggests that a daily scan is the way to go.

However, for CISOs and C-suites who are used to the ‘nuclear deterrent’ of a full pentest, the prospect of a daily IT scan seems too radical. “Surely,” they think, “our network will grind to a halt as all our system resources are diverted to finding today’s new vulnerabilities.”

Sergio Loureiro, CEO of SecludIT agrees with those worries. “Pentests do have an important part to play in network protection, but they are so disruptive that doing them more than twice a year is, for most CISOs, unthinkable.”

“That’s why we developed our Elastic Detector vulnerability scanning software. It is low enough on system resources to enable a daily scan, but dives deep enough into the network to give security teams complete peace of mind.”

 

Zen and the art of cyber security.

Frédéric Donnat, security expert and CTO at SecludIT, picks up the story. “Our Elastic Detector software currently tests for over 60,000 vulnerabilities … and we’re adding new threats to our database at an average of over 18 per day. So if you wait until the next bi-annual pentest in six months time, a potential 3,240 vulnerabilities could have found their way onto your network. No wonder users find that penetration tests are so disruptive. They have a massive amount of work to do.”

“But Elastic Detector is different,” explains Frédéric. “Our little-but-often approach has no virtually effect on network performance and means that daily scans can find problems while they are still small … and will not have had sufficient time to be discovered and exploited by hackers..”

What percentage of Elastic Detector scans discover security issues? “Over 98% of first time scans reveal problems, even days after a pentest,” says Frédéric. “And as we have carried out over a million corporate network scans in the last few years, that number is statistically relevant.”

Sergio adds that Elastic Detector doesn’t just make a network more secure, it also reduces the overall cost of cyber security. “Elastic Detector puts 80% of the cyber security task on autopilot. So the actual remediation – whether it is by companies like KPMG, CapGemini or ourselves – is smarter, more focused and only takes 20% of the time.”

 

Daily vulnerability updates from recognized authorities.

The security experts at SecludIT add to the list of vulnerabilities by working with information from leading security organizations, including:
Anssi logo     Cloud Security Alliance logo    CIS Supporter    owasp logo     pci logo

– ANSSI (French “Agence Nationale de la Sécurité des Systèmes d’Information”),

– CSA (World “Cloud Security Alliance”)

– CIS (World “Center for Internet Security).

– OWASP (World “Open Web Application Security Project”),

– PCI-DSS (World “Payment Card Industry : Data Security Standard”),

But the security team at SecludIT don’t stop at simply finding vulnerabilities. They help customers to resolve any issues as well.

“Our vulnerability scan creates a prioritized list of network threats with remediation tips, so even non security specialists can fix problems in order of their potential risk to the business,” explains Sergio.

 

Find out more about continuous cyber-attack vulnerability assessments.

Elastic Detector has more features which have made it the first choice for security teams around the world. These include:

– Prioritized vulnerability lists with remediation tips.

Key Risk Indicator report for the C-suite.

– Works with cloud, virtual and hybrid networks.

– User-defined scanning periods, even hourly or overnight.

– Optionally scan cloned servers, for ‘near zero’ network overhead.

– Scan servers which are switched off, to avoid dormant vulnerabilities.

– Implementation support from our inhouse security team.

If you’d like to know about the popular Elastic Detector network vulnerability ‘find & fix’ solution, please get in touch.

Leave a Reply