Vulnerability management for any organisation is a continuous and complex process, made even
more complex by the risk exposure of not managing these vulnerabilities effectively and thus
exposing the organisation to cyber-attack and losses.

Seric offer the following to lighten the load on internal IT teams and reducing costs, while increasing the effectiveness by having skilled cyber security consultants performing the monitoring, analysis, and detailed reporting.

Managed Vulnerability Service

The base service offered to organisations is a centralised virtual appliance (scanner), hosted on the
client server infrastructure to

  • Probe all accessible network segments and identify network devices giving full clarify and
    exposure of the network device footprint.
  • On a monthly, and ad-hoc basis, scan these devices to identify weaknesses and
    vulnerabilities within their operating system and applications.
  • Monthly reporting, covering trending of vulnerabilities within the organisation, on-going
    significant issues, point of interest, and detailed appendix covering all vulnerabilities and
    information on technical exposure, fixes, etc

In addition to the vulnerability scans, our base service also offers the following

  • PCI Scanning and Reporting – using an approved scanning vendor (ASV) quarterly scans can
    be performed to demonstrate compliance
    with the PCI DSS standard.

 

This base service can be enhanced in the following ways

Agent Based Scanning

Never in the past have so many organisations had so much remote working for their employees. In the past the majority of network endpoints lived most of their life on the internal corporate networks, thus the approach of centralised scanner(s) on these corporate networks.
Agent based scanning places a lightweight agent on each remote device (Windows, Linux, Mac OS) to monitor and protect these devices without the need for VPN connection to the corporate network.
The agent communicates with our cloud platform, to understand the latest vulnerabilities, and in turn scan the local device to identify it, and report back to the cloud platform. This is combined with any non-agent-based scanning to give a homogenous view of the entire environment.

 

Web Application Scanning
For organisations making significant use of web applications to store sensitive data they may wish to
preform frequent vulnerability and security management of these platforms. With Seric web application scanning we can identify the in-use web applications and perform deep scanning of these applications, moving past simple vulnerability scanning to identify more complex SQLi and XSS vulnerabilities as well as detecting the OWASP top 10.
Scanning can be progressive to allow the scanning and analysis in incremental stages and be both in
authenticated and unauthenticated forms.

Learn more about our cyber solutions

seric.co.uk/cyber