Largely automated scans of your website and server infrastructure give an initial insight into your network and the security status of web servers and web applications.
The benefit you derive from a Vulnerability Scan by Zerberos is the interpretation of results by us following the scan; using our experience of more than 20 years as Penetration Testers and Ethical Hackers, we are in a position to recognize the significance of the individual results and put them in perspective. We can thus communicate only the important results, because the scanners often provide hundreds of results that cannot be classified without relevant expertise.
For performing Vulnerability Scans we use tools such as Nmap, Nikto, Tenable Nessus and Openvas. We do not depend solely on one scanner, but rather extract relevant data from the reports from different tools.
The scan results can serve as the basis for a subsequent Penetration Test or a comprehensive security audit. Similarly, after a comprehensive security audit, they can be repeated, say every month, in order to always remain up-to-date and to detect system changes in time.
System downtime, turnover loss, restoration work, data loss and loss of trust cause losses all over the world, amounting to millions every year. Each single incident costs thousands of Francs for emergency intervention, investigation, restoration and prosecution – apart from the costs for the loss of confidential data.
An attack on a customer’s web shop or order data leaking out may alert the customers to the problem, or the Press, for example, might point it out to them. The loss of trust this causes can seriously compromise the shop sales and the customers could eventually move off to a competing provider.
Everyone is a target for attack
Every system with an Internet connection is a potential target for attack. A CIA/FTP study conducted in 2002 showed that 90% of the survey participants have recorded successful attacks on their systems. Even if there were no data in their network that could be of interest to an attacker, it can serve as an intermediate stage for attacks on other networks. Automated attack tools – e.g. worms such as Blaster, search for vulnerable systems without consideration for or interest in the owners of the systems.
The traditional defense systems such as IDS, anti virus systems and Firewalls do often not provide sufficient protection from attacks, as for example worms such as SQL Slammer and Blaster have shown to find a way into internal systems through “harmless” channels.
Business and Partner Security
Firms with Extranets, which enable partners, resellers and other business processes, must ensure that their own networks as well as those of the partner are secure and do not allow mutual attacks on the data.
Call now on 044 586 64 68 for a consultation or an offer.