SolarWinds Risk IntelligenceVulnerability Scanner

Vulnerability scan tools can help businesses protect enterprise data and entire networks from security threats

Vulnerability Scanner

Vulnerability Scan Tools

Vulnerability Scanner 1

Vulnerability Scan Tools

Nearly every company today — regardless of size, budget, industry, or location — relies on the Internet for communication and collaboration. Unfortunately, businesses face network threats such as viruses, Trojans, spyware, ransomware, and other malicious programs (or “malware”) that have become increasingly complex and multi-faceted. Compromised computers, breaches in company data, and leaked personal identification information pose potentially devastating legal and financial consequences.

For MSPs and IT professionals, vulnerability scan tools like the multi-layered security solutions available from SolarWinds MSP (formerly LOGICnow) help protect enterprise data and entire networks from all angles.

Network Security Scanning and Vulnerability Assessments

Vulnerability scan tools have become a security requirement for every organization to prevent serious data loss or security breeches. Vulnerability scan tools can strengthen an organization’s security posture by combing the company network to collect information about devices (e.g., computers, servers, routers, and hubs), operating systems and applications installed on the network. 

The data collected by a vulnerability assessment scan tool often includes: Identifying IP addresses and open ports, Analyzing network and system activities, Analyzing system configurations and vulnerabilities, Recognizing typical attack patterns, Analyzing abnormal network activity patterns, Assessing system and file integrity, Analyzing abnormal user activity patterns, Tracking user policy violations.

After the scan tool collects the data, it compares its findings to a database of known weaknesses, signature patterns and anomalous behaviors. These and other techniques detect and prioritize the vulnerabilities of the scanned network. 

Finding the Best Network Security Solutions

Vulnerability Scanner 2

Finding the Best Network Security Solutions

Once you get past all the ancillary features, the fundamental cornerstone you want from a vulnerability scan tool is accuracy. A tool that reports vulnerabilities where none exist (referred to as a “false-positive”) can waste time, money and manpower, as IT teams attempt to prove or disprove the veracity of each false-positive result. It also takes IT departments away from real threats affecting the company.

In fact, more than half of over 200 IT staff surveyed by Enterprise Management Associates (EMA) in 2015 replied that the large number of false-positives indicated by some vulnerability scan tools made them view such tools as noise generators. By their own admission, these IT experts reported that the fatigue brought on by chasing the large number of false-positives caused them to lose confidence in the ability of those tools to report potential and real breaches accurately.

Some scan tools can also err on the flip side by unwittingly ignoring or skipping over vulnerabilities. These instances of “false negatives” can leave networks open to attack, without any indication that the company network is vulnerable. To avoid instances of false negatives from being reported, scan tools may over-compensate and report every possible issue as a vulnerability, and then place the onus on the IT department once again to debunk which concerns are valid and which ones are not.

30% of organizations consulted in the same study indicated that the issue with false-positives is the primary value driver for using advanced analytics software, such as MSP Risk Intelligence from SolarWinds MSP.

Companies looking for a vulnerability scan tool must take into account the dynamic nature of networks and cyberattacks, along with the fact that a vulnerability scan tool should be part of a multi-layered network security approach. Incorporating the right combination of vulnerability detection and management tools is the most effective approach to securing enterprise data, networks and devices.

Internal Vulnerability Scanning

Vulnerability Scanner 3

Internal Vulnerability Scanning

An internal vulnerability scanner is a useful tool to help MSPs identify real and potential threats to their client's IT infrastructure. SolarWinds Risk Intelligence from SolarWinds MSP (formerly LOGICnow) includes vulnerability scanning to help you root out weaknesses in customer networks and stop cybersecurity attacks before they start.

Types of Network Vulnerability Scans

In the world of IT, there are two kinds of scans:

  • External
  • Internal

External scans look for vulnerabilities at the perimeter of the network from the outside looking in. Internal scans search for susceptibilities within the network.

While organizations are quick to throw money and resources at securing the network perimeter from outside attacks, many allocate a fraction of those resources to securing their network infrastructure against inside attacks. Because the attack surface behind today’s firewalls is tempting for malicious attackers, it behooves companies to find vulnerabilities within their networks utilizing the same vigor and due diligence used to protect against attacks from the outside.

Internal scans are heartily recommended for businesses of all shapes and sizes. But organizations that are required to comply with stringent regulatory guidelines — such as PCI DSS and HIPAA — are forced to conduct internal scans. Otherwise, they can face litigation, harsh penalties and tarnished reputations.

Internal Vulnerability Management with MSP Risk Intelligence

Vulnerability Scanner 4

Internal Vulnerability Management with MSP Risk Intelligence

Through the use of its powerful internal vulnerability scanner, MSP Risk Intelligence from SolarWinds MSP pinpoints risks across a client’s environment, including:

  • Computer and server vulnerabilities
  • Firewall vulnerabilities
  • Newly installed system components
  • Misconfigured devices
  • Tablet, smartphone and other BYOD risks
  • Threats from email, malware, and VPN connections
  • Unpatched software
  • Website flaws
  • Exposure of confidential and sensitive content

Simple, Comprehensive Vulnerability Scanning

MSP Risk Intelligence combines the simplicity of the cloud with comprehensive vulnerability management capabilities to protect your clients against threats. MSPs can conduct scans regardless of their physical location. All scans are lightweight to minimize the impact on network resources and business operations while boasting deep scanning technologies.

Deep scanning technologies allow MSP Risk Intelligence to:

  • Scan devices on client networks in seconds.
  • Bypass the hassles of device permissions before accessing workstations, servers, and networks.
  • Test application vulnerabilities thoroughly and eliminate anomalies that can attract cyberattacks from malware and other rogues.
  • Crawl through applications to detect real and potential holes in the software.
  • Identify unpatched software across all client networks.
  • Search through email to uncover vulnerabilities.

MSP Risk Intelligence’s Key Features

Vulnerability Scanner 5

MSP Risk Intelligence’s Key Features

The following list summarizes MSP Risk Intelligence’s key features:

  • Searches span networks, individual workstations and mobile devices to expose weaknesses regardless of their location.
  • Scans all file types, including Microsoft Office documents, database files, compressed files, emails, archives and more.
  • Scans a myriad of platforms including Microsoft Exchange, SharePoint, cloud storage and more.
  • Updates its Vulnerability Scoring System (CVSS) database daily with the latest threat information to keep scans current with the latest vulnerabilities.
  • Detects malware and vulnerabilities on Microsoft Windows, Mac and Linux operating systems using the latest threat information from the CVSS database.
  • Scans email messages and attachments for vulnerabilities and threats.
  • Scans VPN connections for threats whenever a new or suspicious device appears.
  • Shows trends over time.
  • Identifies underperforming systems.
  • Compares monthly and weekly threat statistics sorted by operating system, remote offices and criteria important to you and your clients.
  • Reports on software applications such as Adobe, Flash and Java, whose unpatched status makes them prone to attacks.
  • Supports grouping, searching, sorting and filtering capabilities that provide rapid notification of threats and the systems they affect.
  • Maps unprotected data and vulnerabilities to their calculated financial impact on a client.

Uniquely Suited for Regulatory Compliance

Vulnerability Scanner 6

Uniquely Suited for Regulatory Compliance

MSP Risk Intelligence’s internal vulnerability scanner helps MSPs ensure their customers comply with government and industry regulations. Features specifically geared toward regulatory compliance requirements include the ability to:

  • Scan for internal PCI DSS and Primary Account Number (PAN) vulnerabilities using host-level authentication patterns.
  • Scan for payment information across servers, workstations and mobile devices.
  • Find all users who have access to cardholder data.
  • Discover at-risk credit card data, no matter how deeply it’s buried within a network.
  • Encrypt data-in-transit and data-at-rest using IPsec or SSL VPN tunnels, without having to deploy unwieldy public key infrastructures.

SolarWinds MSP solutions take regulatory compliance even further by protecting cardholder data while it’s stored and when transferred through servers. Security is assured with the following features:

  • Total data encryption between clients and SolarWinds MSP solutions
  • Unique logins when accessing systems
  • Two-factor authentication
  • IP whitelisting
  • Audit trails by logging all application activity

Get More on Vulnerability Scanner

PCI Vulnerability Scanner

Small and medium-sized businesses have a lot on their plates. These companies face a tall order as they fight to remain competitive in an increasingly complex global market.

Among these challenges, they face one especially tricky obstacle: understanding PCI compliance. Working to find the right PCI vulnerability scanner is a challenge for managed service providers (MSPs) that comes with high stakes for an organization’s finances and reputation.

 

The Need for Security

PCI standards serve to ensure the security of credit card transactions. It’s a simple goal. And yet, it has broad ramifications across the economy.

With the understanding that their personally identifiable information is secure, customers more readily offer their trust to those who handle transactions. Moreover, they’re more likely to do repeat business.

At the same time, a business can suffer when data security is breached. Customers seek the confidence knowing that, after they swipe their cards or type their card numbers online, they won’t be the victims of identity theft.

That consideration has become particularly urgent in recent years. In 2015 alone, there were roughly 2,200 confirmed breaches with data loss. Headlines continue to reveal data thefts targeting retail giants like Target and Home Depot.

Which all speaks to the point of the PCI standards — organizations need to take steps to secure credit card data. This, in turn, allows the public to trust credit cards. It’s no wonder that credit card companies founded their own regulatory council.

Broad Rules

So, what does it mean to be compliant with PCI Data Security Standards? And how does that affect the selection of PCI vulnerability scanners?

As mentioned, the standards are a set of rules for anyone who processes cardholder data. These rules place a broad set of requirements on those who manage cardholder data, including:

  • Building and Maintaining Secure Networks - Organizations must install and keep up a firewall to protect cardholder data. They must also use custom passwords for their systems.
  • Encrypting credit card data - All credit card data must be encrypted across public networks.
  • Maintaining a program that manages security Vulnerabilities - Merchants and others must take steps to protect themselves from malware and viruses.
  • Setting strict limitations on who can access data - Permission to access credit card information must be significantly limited and protected, with identification and authentication processes in place to access data.
  • Monitoring networks and test security - Businesses and organizations must regularly test their security systems, as well as track and monitor access to cardholder data and networks.
  • Implementing an IT security policy - In addition to taking the steps above, organizations must make sure that they have a policy in place to codify their security policies.

The security standards go much deeper into the granular requirements of these categories. And for each requirement, credit card processors are expected to demonstrate compliance. They do so partly through PCI vulnerability scanners.

Digging Deep

Vulnerability scans work to identify misconfigurations and vulnerabilities of websites, applications and IT infrastructures. The scans must also be performed after significant changes have been made to a network. These include the installation of new system components, changes to firewall settings and product upgrades.

The goal of the scans: to help IT managers patch these vulnerabilities and to take steps to minimize attacks.

Organizations must run both “internal” and “external” vulnerability scans. Internal scans identify vulnerabilities within a network’s firewall. These scans take stock of the threats within a business’ network. External scans, on the other hand, analyze the ways in which outsiders can attack a network.

Why Go Through the Trouble?

If this all sounds complicated, you’re not alone. Yet PCI standards are something that shouldn’t be ignored. The reason?

It begins with the fines. Organizations who are noncompliant with PCI Data Security Standards face potentially hefty fines.

In fact, those who are noncompliant face fines of up to $500,000. Remember that the PCI Security Standards Council is not a government agency. It does not directly fine businesses. Instead, the council levies fines against a business’ acquiring bank, which can pass along the hefty fees to the business.

The fines are a major incentive to come into compliance. But perhaps more important is the larger goal. PCI compliance isn’t just about meeting credit card companies’ demands; it’s about instituting important security measures to protect critical data. And it’s about taking steps to gain the public’s trust — and improve business.

So, wouldn’t it be nice if there were an elegant, scalable solution to keep organizations PCI compliant — while maintaining crucial network security?

Discover Permissions

Many breaches can be prevented by limiting user access to personal identification information. Before you configure access permissions, however, you have to know which users have access to what data.

MSP Risk Intelligence comes with its set of permissions discovery tools that allow you to:

  • Discover who can and cannot access sensitive data. Granular detail allows you to see details about read/write access to a wide range of file types.
  • Locate unsecured payment information collected by sales associates.
  • Identify confidential data, such as trade secrets, intellectual property, and mergers, that place this sensitive information at risk.

Designed with MSPs in Mind

Like all SolarWinds MSP solutions, MSP Risk Intelligence has been built from the ground up with MSPs in mind.

Results show severity levels grouped in ways that pinpoint the most critical vulnerabilities to address first. Filters and drill-downs allow you to view specific details about vulnerabilities, such as where sensitive data is located and who has access to it.

The results include a calculated “security number” that identifies the potential dollar liability to which your clients are exposed. To present a compelling to your customers, the security number takes into account the severity of the vulnerabilities are and the amount of unauthorized access.

MSPs can rank threats according to which pose the biggest issues. Synchronization of the CVSS database, which is updated daily by the SolarWinds MSP research team, clients are protected 24/7 against the latest cyber threats.

Extending Value

MSP Risk Intelligence can be used as a stand-alone solution that scans internal networks in real-time or in tandem with our other MSP products as part of an integrated suite of managed security solutions:

  • MSP Remote Management
  • MSP Backup & Recovery
  • MSP Mail Protection

The synergy created by combining the detection, scanning, and reporting features of MSP Risk Intelligence with the power of our other MSP products forms a digital blanket of multiple layers of security to mitigate damage resulting from increasingly sophisticated, multifaceted threats.

Every layer protects a different area in a client’s IT infrastructure where a threat can attack. If the attack can circumvent one layer, there are additional layers that block the path between the threat and the network. By working in concert, the network is protected against single points of failure that can compromise the network itself and the confidential and sensitive data residing on it.

SolarWinds MSP solutions offer the following types of security layers that MSPs can add to their collection of service offerings:

  • Anti-spam and anti-virus software
  • Backup and recovery
  • Data encryption
  • Email protection and archiving
  • Patch management
  • Privacy controls
  • Vulnerability assessment and analytics
  • Web protection

Vulnerability Scanning and Protection Tools From SolarWinds MSP

SolarWinds Risk Intelligence

  • Supports lightweight scans and host-based scans
  • Discovers potential vulnerabilities with sensitive data
  • Gives you complete drill-down granular control and insight into the devices on your network