InSight - Vulnerability Management Suite
Organizations invest large amount of money in building network infrastructures to support their business goals and objectives. With the increase in the number of users in an organization, managing the users and devices in the network and securing them has become complex thus making it difficult to deal with security issues.
With limited resources and numerous constraints it is difficult to understand which aspects of your vulnerability management program need your direct attention, and how do you prioritize your mitigation efforts. InSight vulnerability management suite will help you understand the vulnerabilities and the risks they pose to your organization.
InSight is a single vulnerability management platform where you can manage your assets, assess their vulnerabilities, determine compliance status, and adopt an effective workflow to address the discovered vulnerabilities so that it doesn’t affect your organization.
How it Works?
- Discover assets:For any organization it is of utmost importance to find out the assets that require protection and the risks they pose to the organization.
- Configure scans:The requirements of various organizations are different. InSight allows you to configure the scans as per the needs of organization and you can also configure scan frequencies in line with the risk levels.
- Collate results:InSight helps gather information, examine it carefully, and compare it with other information to find any differences. It also integrates output from multiple scanners and audit reports into a single manageable portal.
- Run analytics:InSight provides a systematic analysis of the data and statistics of the output.
- Generate reports and metrics:Finally the reports and performance metrics are generated for the organization. Users can generate custom report by selecting the required field.
Use of InSight
- Helps you to identify Vulnerabilities & Risks.
- Given a range of IP addresses, InSight runs continuous monitoring to scan for new assets as well as new ports or services that appear on existing assets.
- InSight integrates with multiple scanners such as Nmap, Nessus, Acunetix, Netsparker and many others to schedule scans, set up scanning policies, and retrieve scan results all through a single portal, with the help of such scanners you can identify risk levels
- Auto discovery of assets and services:InSight is able to discover the appearance of new assets on your internal network as well as on your external perimeter. Given a range of IP addresses, InSight runs continuous monitoring to scan for new assets as well as new ports or services that appear on existing assets.
- Scheduled vulnerability scanning:InSight integrates with multiple scanners such as Nmap, Nessus, Qualys, Acunetix, Netsparker and many others to schedule scans, set up scanning policies, and retrieve scan results all through a single portal. Scans can also be triggered on-demand for any given asset or asset group.
- Deduplication of vulnerabilities:InSight comes with built-in capability to de-duplicate vulnerabilities discovered from multiple scanners on the same asset. This is done based on CVE IDs. This ensures that your administrators and web developers do not receive multiple reports containing overlapping and repeated issues. A simple counter keeps track of how many times the same issue has been discovered.
- Vulnerability management workflow:InSight comes with an extensive vulnerability management workflow that allows for issues to be tracked, commented upon, revalidated, and escalated if not fixed within a user-defined number of days or after a specific number of repeat discoveries. This ensures that you have exact InSight into which issues are open across which assets and under the responsibility of which specific teams.
- Removal of false positives:The false positive removal is done manually once the scan results are retrieved. This differentiates us from the run-of-the-mill continuous scanning services that pay little heed to the importance of manual intervention in delivering quality results to you. It is counter-productive to receive a 1000-page report over half of which consists of false positives. Our 24/7 SOC team reviews each report before it is released to you.
- Malware monitoring and website defacement:The external perimeter scanning service also has the capability to scan for any malware injection on your website as well as determine any defacement of your web pages. Using a proprietary approach, we are able to determine heuristically for any malware that may have been injected onto the site. Our web defacement algorithm has a user-configurable sensitivity level that reduces false positives for pages that are regularly updated by the client.