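Network vulnerability scanning is the process of identifying weaknesses on a computer, network, or other IT asset that are potential targets for exploitation by threat actors. Scanning your environment for vulnerabilities informs you of your current risk posture, the effectiveness of your security measures, and opportunities to improve your defenses through vulnerability remediation.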
Obtaining and deploying a network vulnerability scanner is often the first step in creating a more proactive security program. Faced with modern attackers, it’s no longer enough to build high walls and wait out a siege; modern security programs have to identify the holes that attackers could exploit and seal them up before threat actors can take advantage. A network vulnerability scanner lets you quickly assess your network for these holes, tells you how to prioritize and remediate flaws, and provides a great barometer for the overall success and progress of your security team.
Vulnerability scanning is inclusive of several tools working together to provide maximum visibility and insight across your network. These tools include:
The ability to fully scan your network is critical to efficient vulnerability detection and remediation, as well as to maintaining a good reputation.
There are many great reasons to continuously perform vulnerability scans across your network, but the types of scans can vary. For example, discovery scans are usually performed quickly and typically focus on system discovery and any TCP/UDP ports that may be open.
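Then there are unauthenticated scans and authenticated scans. The unauthenticated variety performs detailed enumeration, which can include DNS resolution, operating system type, and running services. This method does not require credentials to scan the systems it discovers.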
Authenticated scans leverage credentials to log into systems and perform even more specific enumeration. This includes software vulnerabilities, system configuration issues, and benchmarks for regulatory frameworks such as CIS, NIST, and more.
The key features of a network vulnerability scanner should work together to scan the entirety of your IT infrastructure and identify potential weaknesses that can be exploited. To do this, a scanner should (at a minimum) have the following capabilities:
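The scan coverage of a network vulnerability scanner is crucial: you do not want to miss any vulnerabilities left open to attack because of blind spots. This extends to the scanner’s response to, and coverage of, zero-day vulnerabilities. Keep this in mind when engaging vendors in a proof-of-concept (POC) process, which brings us to the next point.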
Every company’s network is different; it’s important to implement a vulnerability scanner that can intelligently scan everything from PCI environments to hospitals with minimal configuration and manual adjustment. This also means that your network vulnerability scanner must be highly accurate, with a robust set of vulnerability checks against every major flavor of software and operating system. Sometimes this also extends to more esoteric systems such as SCADA controls.
Most commercial network vulnerability scanners do a good job of keeping up with the latest vulnerability checks; often, what determines the success of a program is what happens next. Network scanning tools enable you to prioritize thousands of vulnerabilities across different types of devices and different segments of your network. This is critical to making sure your team is as efficient as possible, because you will never be able to fix every vulnerability. Once that is done, you have to get the information to the right people; it’s critical that your network vulnerability scanner has the ability to easily show remediation steps to the people responsible for remediation. Executive-level reporting can show management how you’re improving your company’s security over time.
Rapid7 InsightVM is the leading network vulnerability scanner for protecting today’s modern IT environment. So how does InsightVM provide unparalleled visibility into your risk posture compared to other scanning solutions?
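Our network vulnerability scanner, InsightVM, is ranked at the top by analysts such as Gartner and Forrester and runs on the Insight cloud platform, enabling you to create a vulnerability management scanning program. Whether you are a small family business or a Fortune 100 company, InsightVM can adapt to your environment. It uses multiple vulnerability checks and credentialed vulnerability scanning to ensure that our results are as accurate as possible across your dynamic and diverse IT environment.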
InsightVM is trusted by organizations from major retailers to nuclear power plants and hospitals. Why? It’s designed to easily and accurately identify what assets are being scanned and how to best scan and protect those assets with minimal input from end users.
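Not sure whether you have the capacity to deploy a network vulnerability scanner yourself? Rapid7 offers deployment services and training to help you set up your entire vulnerability management process from scanning to remediation instruction. You can also let us hop into the driver’s seat with our vulnerability management service.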
Ready to get started? Sign up for a free trial of InsightVM below.