SAINTscanner® Vulnerability Assessment
Before you can secure a network, you have to know how it's threatened. SAINT uncovers areas of weakness and recommends fixes. With the SAINTscanner you can:
- Identify vulnerabilities on network devices, operating systems, desktop applications, Web applications, databases, and more.
- Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
- Anticipate and prevent common system vulnerabilities.
- Demonstrate compliance with current government and industry regulations such as PCI DSS, NERC, FISMA, SOX, GLBA, and HIPAA.
- Perform compliance audits with policies defined by FDCC, USGCB, and DISA.
- Vulnerability Scanner at a Glance
- Lets you exploit vulnerabilities found by the scanner with the integrated penetration testing tool, SAINTexploit.
- Shows you how to fix the vulnerabilities, and where to begin remediation efforts —with the exploitable vulnerabilities.
- Allows you to assess both external and internal assessments.
- Performs authenticated and unauthenticated vulnerability scans for operating systems, databases, and Web applications.
- Lets you scan and exploit targets with an IPv4, IPv6, and/or URL address.
- Shows you if the network is compliant with PCI security standards; SAINT is certified by the Payment Card Industry (PCI) Security Standards Council as an Approved Scanning Vendor.
- Correlates industry standard identifiers such as CVE, OSVDB, BID, IAVA, OVAL, SANS/FBI Top 20, the presence of exploits, CVSS score, vendor ID, and many more.
- SAINT provides support to the OVAL Adoption Program as a Vulnerability Scanner, and provides the capabilities as both a Definition Evaluator and a System Characteristics Producer.
- Allows you to design and generate vulnerability assessment reports quickly and easily. Lets you present the findings of even the largest network scans in an easy-to-read format with colorful charts.
- SAINT is an agentless solution that does not require agent software to be loaded on assessed endpoints.
- Shows you if your network security is improving over time by using the trend analysis report.
- Gives you the option to store the vulnerability data locally or remotely; your vulnerability data does not need to be sent across the Internet.
- Provides automatic updates with new vulnerability checks and exploits on a daily basis.
- Lets you manage and schedule scans across large enterprises with the SAINTmanager remote management console.
- Allows you to add your own custom checks and vulnerability signatures.
- Performs content scanning for data (e.g., credit card or social security numbers) that should not be stored on desktops/servers.
Identify security vulnerabilities. SAINT's up-to-date database includes thousands of known vulnerabilities. In addition to identifying vulnerabilities, SAINT gives you the threat level and shows you how to fix them.
Continuous protection with automatic updates. SAINT releases new vulnerability checks every 2-3 days. Because SAINT checks for updates every time it runs, you can be confident that you are defending your network against the latest threats.
Accurate view of your network. SAINT assesses your network for anything connected to your network with an IPv4, IPv6, and/or URL address.
Powerful customizable reporting. Build your own custom reports or use SAINT's preconfigured templates for a variety of reports from executive level to detailed technical reports. SAINT's trend analysis report will give you a picture of your network's security improvements over time.
Manage resources more efficiently. Knowing the extent of your network vulnerability lets you focus attention and resources where they are needed most. Because the scanner is integrated with the exploit software, you can begin your remediation with the critical exploitable vulnerabilities.