fast international shipping
ISO 9001/27001 Corporate certification
Manufacturer certified experts for your project
Was ist Schwachstellenmanagement?
Schwachstellenmanagement beugt in erster Linie dem Ausnutzen von Schwachstellen in IT-Systemen eines Unternehmens vor. Sie sind einer der am häufigsten genutzten Wege, um gewerbliche IT-Infrastrukturen zu kompromittieren. Bei einer Schwachstelle kann es sich dabei sowohl um veraltete, als auch fehlerhafte bzw. unzureichend konfigurierte Hard- oder Softwarekomponenten handeln. So werden beispielsweise häufig Standardpasswörter von IoT-Geräten nicht geändert, welche die Geräte durch eine einfache Brute-Force-Attacke zu einem Sicherheitsrisiko werden lässt, oder es sind durch eine fehlerhafte Konfiguration interne Unternehmens-Ressourcen über das Internet für die Öffentlichkeit verfügbar.
Traditionally, checking corporate networks for possible vulnerabilities requires extensive resources from inside or outside the company in the form of penetration testers. However, this can only provide a "snapshot" of the vulnerability of the corporate network.
Why do I need a vulnerability process?
Due to the dynamics of a modern IT infrastructure, however, a continuous situation analysis is required. If, for example, the network is expanded by the acquisition of new endpoints, this may again open up new attack surfaces for cyber criminals. These could not possibly be taken into account in the last "snapshot".
Greenbone simulates the behaviour of a cybercriminal and "attacks" your network from the outside. The solution attempts to exploit up to 72,000 known vulnerabilities that may exist in your network. Greenbone either takes these vulnerabilities from the "Common Vulnerabilities & Exposures" database or uses notifications published by the manufacturers themselves.
Greenbone is one of the few manufacturers that builds on open-source solutions and is actively involved in the open-source community. The manufacturer supports the open source project OpenVAS, which is also used in the Greenbone solutions.
Wie kann mich Greenbone bei meinen Compliance-Vorgaben unterstützen?
In order to ensure a continuous situation analysis of your own IT infrastructure, you need a vulnerability management solution that automatically analyses the entire corporate network and checks it for daily vulnerabilities, thus contributing to the sustainable security of your IT infrastructure.
After the Greenbones GSM has comprehensively scanned and checked your network, it automatically generates a report which provides detailed information about all vulnerabilities discovered. Please note that the GSM does not fix these vulnerabilities, but only sorts them by severity. For which further action will then be recommended. Furthermore, all devices in your network are automatically inventoried.
Another important component of the Greenbone GSM is your licensing model: Here, it is not the number of IP-enabled devices within your company that matters, but how many devices you want to check within one day.
4 simple steps to effective weak link management
