Vulnerability Scanning with SAINTscanner®
New vulnerabilities are discovered at an astonishing rate. Attackers analyze each one to determine whether exploit code can be developed. Once exploit code exists, it can be launched against any susceptible target. Organizations that do not continually scan for and repair vulnerabilities face a growing risk of being the next compromised victim. The number one threat to infrastructures today is known vulnerabilities.
One example of a known vulnerability is the Conficker worm. First detected in 2008, it has since infected millions of government, business, and home computers through multiple variants. Conficker propagates by exploiting a Microsoft vulnerability (MS08-067) on systems where it remains unpatched. This is just one example of why all administrators should scan their networks for vulnerabilities and resolve any that are found.
A vulnerability is a flaw in a system, device, or application that, if leveraged by an attacker, could impact the security of the system. Exploits take advantage of a vulnerability by compromising or damaging the vulnerable system, device, or application. Remediation is the process of repairing or providing a remedy for a vulnerability, thereby eliminating the risk of it being exploited. Vulnerability scanning is used to identify vulnerabilities and evaluate the security posture of a network. Historically, scanners were developed for specific purposes such as scanning only Windows desktops, applications, or network devices. SAINT offers heterogeneous scanning that identifies vulnerabilities across operating systems, desktop applications, network devices, Web applications, databases, and more.
Starting a basic SAINT scan is a four-step process:
The Scan is Done ... What Now?
In the past, customers relied on severity levels such as High, Medium, or Low to prioritize their battle against vulnerabilities. However, security experts and asset managers today require more advanced and flexible methods for correlating risks to their infrastructure and critical business functions, and for devising mitigation strategies. Whether it is associating vulnerabilities with industry-specific severity codes like PCI’s severity codes, standards compliance based on Pass/Fail, prioritizing risk based on numeric scores like CVSS, or basing priorities on whether a vulnerability is exploitable, the ultimate decision is up to you. The value proposition from SAINT is to offer this flexibility and deliver easy-to-use solutions that facilitate the management of risk, not dictate how it should be conducted.
SAINT Scanner Sample Mapping
SAINT offers over 40 additional mappings to assist with prioritization, and to allow advanced users to map their own internal IDs or controls. For more information on reporting, see SAINTwriter.
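To make the prioritization alternatives described above concrete, here is an added Python example (not SAINT's own code or output) that ranks a constructed set of findings by legacy severity label, by CVSS score and by exploitability, and derives a PCI-style Pass/Fail result per host. The hosts, vulnerability IDs and scores are invented for illustration.

```python
# Added example: the same scan findings viewed through the different
# prioritization schemes the page lists. Not SAINT code; data is constructed.
from dataclasses import dataclass


@dataclass
class Finding:
    host: str
    vuln_id: str           # hypothetical identifier, not a real CVE or SAINT ID
    cvss: float            # CVSS base score, 0.0 to 10.0
    exploit_available: bool
    severity: str          # legacy label: "High", "Medium" or "Low"


# Constructed sample findings (not real scanner output).
FINDINGS = [
    Finding("10.0.0.5", "EXAMPLE-0001", 9.3, True, "High"),
    Finding("10.0.0.5", "EXAMPLE-0002", 7.5, False, "Medium"),
    Finding("10.0.0.7", "EXAMPLE-0003", 4.3, True, "Medium"),
    Finding("10.0.0.7", "EXAMPLE-0004", 3.1, False, "Low"),
    Finding("10.0.0.9", "EXAMPLE-0005", 2.6, False, "Low"),
]

SEVERITY_RANK = {"High": 0, "Medium": 1, "Low": 2}
PCI_FAIL_THRESHOLD = 4.0  # PCI ASV scans fail any finding scoring CVSS 4.0 or higher


def by_severity_label(findings):
    """Legacy view: High before Medium before Low, scan order within a label."""
    return sorted(findings, key=lambda f: SEVERITY_RANK[f.severity])


def by_cvss(findings):
    """Numeric view: highest CVSS base score first."""
    return sorted(findings, key=lambda f: f.cvss, reverse=True)


def by_exploitability(findings):
    """Exploitability view: findings with a known exploit first, then by CVSS."""
    return sorted(findings, key=lambda f: (f.exploit_available, f.cvss), reverse=True)


def pci_status(findings):
    """Pass/Fail compliance view: a host fails if any finding meets the threshold."""
    status = {}
    for f in findings:
        if f.cvss >= PCI_FAIL_THRESHOLD:
            status[f.host] = "Fail"
        else:
            status.setdefault(f.host, "Pass")
    return status
```

Note that EXAMPLE-0003 is only "Medium" under the legacy labels yet ranks second once exploitability is considered, and its 4.3 score alone is enough to fail its host under the PCI view.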