Managed Vulnerability Scanning
We ensure vulnerabilities are found and remediated before an attacker does.
Introduction to CheckScan+
CheckScan+ is a new Managed Vulnerability Scanning Service from CommSec. CheckScan+ combines industry leading application / infrastructure scanning technology and security expertise from our consultants. This hybrid service is designed for those who seek the assurance that consultant guided testing can provide.
CheckScan+ has a sophisticated scanning engine designed and maintained by security experts. It supports all forms of authentication via a scriptable browser interface.
CheckScan+ is fully supported throughout the scanning engagement, from scoping and configuring your scans, to helping you understand and analyse your results.
The service gives you access to technical support that is provided by our Security Analysts. We are available to explain the results in greater depth, remove false positives and provide remediation advice once initial testing is complete.
GoScript is a simple scripting language that defines application workflows, so that the scanner can interact with your application, allowing for complex workflow testing. It can also be implemented to complete multi-stage authentication.
Support to create basic GoScripts for your application is included in the service. More complex scripts may need to be developed separately by one of our consultants.
The full benefits of CheckScan+ are:
- Full access to unlimited CheckScan+ scans
- Removal of false positives by our support team
- Pre-defined scan templates
- Basic GoScript writing support if required
- Technical support from our Security Analysts
- In depth explanation of results
- High quality, detailed reports
- Full management of the scanning process including scheduling, configuration and management
Automated Penetration Testing
Traditional penetration testing is an important part of security management. However, this testing can be expensive and only shows results from a point in time. Continuous security testing is required to give visibility on an on-going basis.
CheckScan+ can give continuous visibility of vulnerabilities in your environment. Scans can be scheduled to run regularly, and additional scans can be run on-demand. By continuously scanning your environment, vulnerabilities can be spotted and remediated quickly, instead of waiting for an annual penetration test to find them.
CheckScan+ follows a simple 4-step continuous process:
- Scan – Once a scan profile has been configured, it can be scheduled to run regularly. An on-demand scan can also be run whenever it is required. Scans can be scheduled to run outside of business hours or during specific testing windows.
- Detect – CheckScan+ will use industry-leading technology and the latest intelligence on threats to detect vulnerabilities in your IT environment.
- Analyse – Once the scan has completed, the results will be available to our team of Analysts. The results will be reviewed for false positives and the findings will be validated.
- Report – A report will be produced which gives concise results in a meaningful format. Findings will have a detailed explanation and suggested remediation steps.
If you want to find out more, get in contact with us for a free trial. There is no requirement to download or install software.
B109, The Linc,Blanchardstown Institute of Technology, Dublin
+353 1 536 7320