An external vulnerability scan is a security test of your external services. These typically include internet facing servers, services and software applications too. Examples include mailserver, VPN services, extranet, portal, webservers hosting applications, and test/staging servers. Our team runs the scan on your external services as a Managed Service. It is run at a regular interval, daily, weekly or monthly, depending on your risk profile.
Why an external vulnerability scan?
An external vulnerability scan is an ideal way of seeing how vulnerable your external systems are to a hacker using free tools and basic trade craft. All businesses should run vulnerability scans regularly. It has been proven that within one hour of a new server being connected to the internet, probing scripts were already being run on the server to see what services it hosted. Tools were run against these services to see if they were outdated, and vulnerable to an attack.
The external vulnerability scanner service also scans ports to check which ones are open. Anti-Virus software will not do this for you. Many cyber attacks are through ports inadvertently left open. They are a back door into your business, from which a hacker can potentially access your systems and data.
Businesses handling credit and debit cards are subject to the Payment Card Industry Data Security Standards (PCI-DSS) standard. This mandates:
- An annual penetration test
- At least quarterly vulnerability scans
The borwell cybx team will:
- Configure the scanning service for you
- Start the scanning process
- Keep in touch with you and alert you to new vulnerabilities or new methods that hackers are using
- Provide telephone and email support
- Liaise with your internal and/or external IT staff and providers if vulnerabilities are found
You will then be able to:
- Undertake remedial work internally or with your IT partners
- Comply with your internal Governance and Risk Compliance (GRC) processes and Information Assurance (IA) processes
The borwell cybx team is UK based and helps businesses globally by running the XVS service on their web-facing enterprise services.
If you are interested in the external vulnerability scanner service please contact us