Prioritizing vulnerability remediation can be hard based on traditional metrics such as CVSS score alone. By merging contextual information about the asset and its importance, such as how it’s being used, with broad information about the vulnerability, you can understand the real risk behind identified vulnerabilities. This helps you make prioritized shortlists of the most urgent security issues. You can make informed decisions, optimize time spend and maintain healthy overall risk-levels and steady security hygiene.

This scan discovers and maps all assets, systems and devices on your network. It also ensures efficient vulnerability management through the creation of scan groups.

Agent-based scan leverages WithSecure™ Elements platform’s single agent, and lets you scan remotely-sprinkled Windows computers outside your network. This is especially useful in the remote working era and means adding fewer open doors into your most valuable devices when performing vulnerability scans. The agent-based scan collects lists of hardware and software, identifying open ports and vulnerabilities related to installed software and operating systems. The scan is an easy-to-perform, lightweight procedure, allowing you to maintain an up-to-date view of all assets.

Internet Discovery Scan identifies all internet-facing systems/services. This scan provides a powerful search function by using DNS names to identify assets within the domain. It helps you to gain awareness of what services actually reside within domains under your control. With an Internet Discovery Scan, you can find shadow IT and potential brand infringements and breaches, such as a misleading domain name.

System Scan is a network-based vulnerability scanner that can cover any IP system for common vulnerabilities. It identifies the system and version number, before checking for open ports, known vulnerabilities (i.e. missing patches), default passwords and misconfigurations. It causes no disruption, so there are no issues around denial of service.

Some devices, such as example routers, require authentication before they can be fully scanned. The Authenticated Scan allows the System Scan to log into these systems – improving accuracy and decreasing false positives and negatives – to find vulnerable system versions, missing patches, and misconfigurations.

A Web Scan – typically used in a complementary format – allows you to scan and test custom web applications. You can utilize these during the development of new applications as part of the life cycle, enabling you to catch vulnerabilities early in the process and save considerable resources.