Vulnerability Management Service

Scanning your network before someone else does...

CSP offers a comprehensive, Webdriven vulnerability management program that provides visibility into potential exposure areas within a distributed network environment

Quick Contact

CSP Vulnerability Management Service “VMS” is designed to provide a comprehensive, Webdriven vulnerability management program that provides visibility into potential exposure areas within a distributed network environment. The details of your order (e.g., the services you require, contract period, and charges) will be specified in the Order.

VMS has been designed to help provide you with the tools and capabilities required to implement an effective vulnerability management program. The service may be delivered as either an external or an internal solution. If delivered as an external solution, scanning will be provided which originates from our cloud instance. If delivered as an internal solution, a scanning agent (called “Agent”) will be deployed into the Customer’s internal network to provide vulnerability management of internal Hosts which may not be directly accessible by Hosts outside of the Customer’s network.

 

Understand your modern network

You need constant intelligence to discover them, prioritize them for your business, and confirm your exposures have been fixed. Connect to your cloud services, virtual infrastructure, and container images to automatically assess new devices, and use dynamic dashboards to understand the risk of your modern infrastructure as it changes.

Asset Classification & Criticality VMS provides authorized Customer security contacts with the ability to assign a numeric business criticality ranking to each discovered asset. Rankings can be assigned to single or multiple assets at one time. Assigning a criticality ranking to each discovered asset allows prioritization for which vulnerabilities should be remediated first. Business criticality ratings will be stored in the VMS system and can be modified by authorized Customer security contacts at any time.

External scanning provides the Customer with a potential hacker’s view of the network perimeter and is designed to highlight those risk exposures open to the general Internet community. External scans will identify and assess only devices with routable IP addresses. Non-routable IP addresses behind closed firewalls will not be scanned.

Internal scanning is designed to allow the Customer to assess the state of vulnerabilities within their enterprise. This type of assessment is important as a large percentage of network-based attacks (for example, mass-propagating worms) often originate unknowingly from inside a protected or private network.

Remediation Workflow (High Level Process Sample) VMS provides Customer with a workflow designed to guide Customer through the remediation process. Using this process, a subordinate/system administrator will be provided with the next step to resolve a specific vulnerability. The workflow is primarily driven by the status of the vulnerability. For example, the following status may be used during the remediation process: 

  • open – initial status, set automatically following discovery of a vulnerability; 
  • ignored – indicates a given vulnerability should be ignored for the time being. This status is set manually and is not recommended
  • notified – indicates a vulnerability has been assigned for remediation. This status is set automatically; 
  • reviewed –indicates the system administrator has reviewed the vulnerability. This status is set automatically
  • in progress – indicates the vulnerability has been reviewed and the remediation is in progress. This item is set manually 
  • resolved pending confirmation – indicates the vulnerability is believed to be resolved and a follow-up scan is necessary to confirm. This status is set manually.

Quick Contact