Detecting and mitigating known vulnerabilities on servers, workstations and other end points is one of the most critical aspects of minimizing the attack surface that malware or an active attacker can use to get into your network. Finding vulnerabilities goes beyond simply scanning for services that are exposed to the network successful vulnerability detection also involves deep inspection of end points to ensure that they are configured securely and correctly.
Endpoint Vulnerability Scanner
While vulnerability scanners are great at detecting known security threats on end points, they have several problems that make continuous or frequent vulnerability detection difficult. One major issue is the fact that scanners are only looking at the network-exposed services on an end point. They have no visibility into system configurations that can be exploited through phishing, malware and other attacks once malicious code is running on the system. Another issue is is bandwidth; vulnerability scanners operate using a “black box” approach that requires them to attempt to connect to end points dozens – and sometimes, even hundreds – of times, potentially saturating networks and impacting critical services operating across the network. This can cause not only accessibility problems, but also initiate network management capabilities such as intrusion detection and quality-of-service (QoS) filters that block assessment tools from successfully discovering systems and services. In addition, vulnerability scanners can be disruptive to the endpoint itself causing outages if not used carefully. Finally, vulnerability scanners are detection tools only – they cannot automatically remediate problems they find on end points, leaving systems exposed until their vulnerabilities can be manually addressed.
End point vulnerability detection through Promisec takes an entirely different approach. Leveraging our patented agentless technology, we can inspect an endpoint completely in 10 seconds or less and determine immediately any known CVE’s for the installed applications running on that endpoint. This allows customers to run Promisec technology across their entire enterprise, during business hours including their production environments. By being fast, unobtrusive, remote but application focused, we believe you can achieve true endpoint vulnerability detection at scale.
Promisec Endpoint manager can help with Endpoint Vulnerability Detection. Contact us today to hear more or access a free trial.