CSP offers a comprehensive, Webdriven vulnerability management program that provides visibility into potential exposure areas within a distributed network environment
CSP Vulnerability Management Service “VMS” is designed to provide a comprehensive, Webdriven vulnerability management program that provides visibility into potential exposure areas within a distributed network environment. The details of your order (e.g., the services you require, contract period, and charges) will be specified in the Order.
VMS has been designed to help provide you with the tools and capabilities required to implement an effective vulnerability management program. The service may be delivered as either an external or an internal solution. If delivered as an external solution, scanning will be provided which originates from our cloud instance. If delivered as an internal solution, a scanning agent (called “Agent”) will be deployed into the Customer’s internal network to provide vulnerability management of internal Hosts which may not be directly accessible by Hosts outside of the Customer’s network.
You need constant intelligence to discover them, prioritize them for your business, and confirm your exposures have been fixed. Connect to your cloud services, virtual infrastructure, and container images to automatically assess new devices, and use dynamic dashboards to understand the risk of your modern infrastructure as it changes.
Asset Classification & Criticality VMS provides authorized Customer security contacts with the ability to assign a numeric business criticality ranking to each discovered asset. Rankings can be assigned to single or multiple assets at one time. Assigning a criticality ranking to each discovered asset allows prioritization for which vulnerabilities should be remediated first. Business criticality ratings will be stored in the VMS system and can be modified by authorized Customer security contacts at any time.
External scanning provides the Customer with a potential hacker’s view of the network perimeter and is designed to highlight those risk exposures open to the general Internet community. External scans will identify and assess only devices with routable IP addresses. Non-routable IP addresses behind closed firewalls will not be scanned.
Internal scanning is designed to allow the Customer to assess the state of vulnerabilities within their enterprise. This type of assessment is important as a large percentage of network-based attacks (for example, mass-propagating worms) often originate unknowingly from inside a protected or private network.
Remediation Workflow (High Level Process Sample) VMS provides Customer with a workflow designed to guide Customer through the remediation process. Using this process, a subordinate/system administrator will be provided with the next step to resolve a specific vulnerability. The workflow is primarily driven by the status of the vulnerability. For example, the following status may be used during the remediation process: