Internal & External Vulnerability Scanning Plus+

Carnegie Mellon University estimates that 99% of all reported intrusions "result through exploitation of known vulnerabilities or configuration errors, [for which] countermeasures were available." Source: SecurityStats.Com http://www.securitystats.com/infosec.asp

External Vulnerability Scanning Plus+ Service

Our External Vulnerability Scanning Service scans your Internet addressable hosts for known vulnerabilities. To perform this service we use the Nessus scanning engine, a powerful Unix-based network vulnerability scanner. Some of the key features of our service are:

• Runs weekly to find new vulnerabilities, backdoors, and configuration changes in your network
• Checks for over 4000 vulnerabilities, backdoors, and misconfigurations
• New vulnerability tests added to the system each week.
• Can be scheduled for any day or time
• Automated e-mail notification of scan start time, completion time, number of tests performed.
• Automatic publishing of scan report to secure private web site
• Scan report is reviewed by an experienced M5 Computer Security Engineer and discussed with your designated Point of Contact.
• Special Manual Vulnerability Tests are performed when serious new problems break on the Internet.

Depending on the size of your network and the number of vulnerabilties found, a minimum of 1hr per month (15min per scan) is required for a Security Engineer to review the results of the scan.


Internal Vulnerability Scanning Plus+ Service

Our On-site scanning service will help you track down security problems on your LAN. The most expensive security incidents come from within your own organization. Combining an On-site scan with an Internet-based scan improves the overall view of the security of your network. The On-site scan combines the same Unix-based scanner we use for the Internet-based scanner plus a few specialized tools specifically designed to locate security issues on your LAN.

• Checks for over 4000 vulnerabilities, backdoors and misconfigurations
• Additional specialized LAN-based tests are manually performed by our Security Engineers
• New vulnerability tests added to the system each week.
• HTML report delivered privately or can be published to secure private web site.
• Scan report is reviewed by an M5 Computer Security Engineer and discussed with your Point of Contact.

The number of hours required to perform this test depends on the size, configuration and number of vulnerabilities found.