Imagine you didn’t run the virus checker on your laptop for 6 months. When you eventually re-enabled your computer, the amount of software updates and virus vulnerabilities would be considerable. That’s why most people are happy to leave their OS and virus-checker security updates to happen daily.
That scenario is exactly the same with corporate network pentests. Many organizations run a pentest every six months, which is a radical procedure that can cause major disruption for the IT team and reduced performance for users.
A more sublime approach – and one that IT security managers are increasingly adopting – is to have a daily vulnerability audit.
“Reduce the window of opportunity for hackers and malware by over 99%.”
During 2015, security researchers around the world discovered an average of 18 new network vulnerabilities a day, which the SecludIT team add to their threat scanning list 24/7. True, not every vulnerability applies to every network … but the figure still underlines how a daily audit dramatically reduces the odds of being hacked.
Sergio Loureiro – the founder and CEO of SecludIT – explains. “With a daily vulnerability assessment, your risk window for malware and hacker attacks is never more than about 23 hours,” Sergio says. “But if you wait six months for the next penetration test, that figure shoots up 4,320 hours between checks. Statistically, the vulnerability of your network goes from miniscule to massive.”
Student hackers practice on your network 24/7.
There are several forums that share news about the latest vulnerabilities. So called ‘zero day’ websites list the latest vulnerability found on networks – say in software drivers or file configurations – that can be exploited.
And around the world there are thousands of wannabe hackers who can test their skills on your network, just to see if they can get lucky. Check out YouTube to see some of the hacking lessons that are freely available. This example video shows how to use Kali Linux to attack PCs.
Professional hackers even employ teams of highly trained technicians whose only objective is to gain access to corporate sites.
As Sergio says: “All these hackers need is an IP address in order to start probing a network to test their emerging skills.”
“Within that context”, Sergio adds, “a six-monthly pentest just doesn’t cut it. Hackers are working 24/7 to exploit vulnerabilities, so companies can’t afford to stick their head in the sand for 180 days until the next pentest comes around.”
Daily security audits are less disruptive than pentests.
In addition to reducing the window of opportunity for hackers, daily vulnerability audits are also less traumatic of IT teams, and less disruptive for users.
Whereas pentests are like a twice-yearly radical surgery to find and remove the last six month’s worth of threats, a daily vulnerability check can stop problems before they become significant and affect network performance.
“Most of the threats we find don’t even need the intervention of a network security specialist,” Sergio says. We provide remediation tips so anybody in the IT team can manage the fix themselves.
“98% of users find threats with their first vulnerability audit.”
“We’ve provided over 100,000 individual virtual machine scans with Elastic Detector,” Sergio stated, “and in 98% of cases we have identified opportunities for security improvement.”
Elastic Detector works on cloud-based networks – including the AWS Amazon Web Services platform – and traditional networks.
Configuration is straightforward. “It’s a two step process,” Sergio says. “First, define which threats to detect (or choose all) and, second, check whether or not to scan clones of VMs. That’s it. Elastic Detector is now on auto pilot.”
Elastic Detector has four key automated network security benefits:
1. Auto Discovery of new VMs and network assets. Our solution is hands-free.
2. Dynamic, agentless testing. No effort by you to get 24/7 vulnerability testing.
3. Optional testing of VM clones. This protects server performance for users, and enables deeper scans than other solutions.
4. Scanning clones of dormant VMs. We activate and test the clone only, so the dormant machine is always safe to switch back on. This is also useful for when dormant VMs are used as a template. Without Elastic Detector you would be replicating security threats to other servers.