Vulnerability Management Services

Vulnerability scanning—both internal and external—is a critical component in your security and compliance program. The “Internet of Things” is becoming a reality, with more and more smart devices connected to your network—and in turn, to the Internet—as time goes by.

Many of today’s data breaches are avoidable by taking some simple measures. The results of a security vulnerability assessment point you to the most impactful areas to focus your IT resources. Vulnerability scanning enables the following benefits:

  • Discover network-connected devices and the software running on them;
  • Quickly uncover vulnerabilities and prioritize them relative to the risk they pose; and
  • Support continuous improvement in your security posture while meeting compliance requirements
  • Once we’ve identified your vulnerabilities, we’ll help you manage them.

Internal Vulnerability Scanning.

Most small business owners focus their time and money on addressing security threats at the perimeter, but few pay attention to protecting their internal network. The Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.2 requires business owners with systems that process card data to conduct a vulnerability scan of their internal environment on a quarterly basis. This helps to identify weaknesses in the network behind their firewall, such as systems that need to be patched.

Pylon’s Internal Vulnerability Scanning (IVS) is a web-based internal vulnerability scanning service. IVS does not require additional software or hardware to be implemented; it delivers powerful, enterprise class security technology from the cloud to identify real and potential vulnerabilities within your internal network. The simple, Web-based interface is easy to operate, and the reports clearly describe any detected vulnerabilities, providing you with easy-to-understand remediation directions.

Designed with security as the top priority, Internal Vulnerability Scanning encrypts and segregates your scanning data to ensure confidentiality.

  • All internal vulnerability scanning connections are secure and utilize SSL encryptions and certificates.
  • No additional hardware or software is required, so there’s nothing extra to manage or secure.
  • ControlScan’s team of security experts is available to help you understand the network vulnerability scan results.

In addition, Internal Vulnerability Scanning satisfies PCI DSS Requirement 11.2, making it even easier for you to achieve and maintain PCI compliance.

External Vulnerability Scanning.

External Vulnerability Scanning (EVS) provides a view of your network that emulates what hackers out in the wild see. It provides a detailed picture of the information available to potential attackers, including the vulnerabilities that can possibly be exploited in order to gain access to your network environment.

To make the information actionable, vulnerabilities are prioritized based on their relative criticality, and remediation guidance is provided so that you can quickly strengthen any gaps that are present.

External Vulnerability Scanning is performed from the cloud, so there’s no expensive software or hardware to install and maintain—it’s a simple-to-use service that can start delivering benefits the day you subscribe to it. Pylon EVS provides a comprehensive solution, strengthening your security and simplifying your compliance:

  • No hardware or software to install or maintain—just subscribe and go;
  • Vulnerability scanning of all your targets, by IP address or domain name;
  • Web application scanning to identify zero day vulnerabilities that may have been introduced by development teams, including cross-site scripting and SQL injection; and
  • Full support from Pylon’s trained team of vulnerability scanning experts.