VulScan

Network Vulnerability Management For The Rest Of Us

Automated Vulnerability Scanning. Affordably Priced For Everyone!

With almost 70 new hidden vulnerabilities identified every day, you would need to be a super hero with X-ray vision to find them all.

Or, you can let VulScan do it for you.

VulScan is purpose-built for MSPs and for IT Departments that handle their own IT security.

It has all the features you need for both internal and external vulnerability management, but without all the complexity found in older solutions.

Best of all, VulScan is priced so that cost is no longer a barrier to scanning as many assets as you need, as frequently as you want. That’s why our slogan is “Vulnerability Management For The Rest of Us!

VulScan is Complete

You get all the features you need to effectively harden your entire IT environment without all the complexity.

VulScan makes it easy to perform both internal and external scans. You decide when to scan, how frequently to scan, and which devices to scan.

Results are available immediate upon scan completion – via a convenient online dashboard, or sent to anyone you want via email.

Click here to learn more about all the features you get.

VulScan is Automated

Set up VulScan once, and it does the work for you.

It detects the issues.
It delivers the information you need to prioritize remediation.
It can create service tickets in your PSA.
It generates alerts
It can even tell you how to fix what it discovers

That means you don’t need more staff to keep up with new threats.

VulScan is Price Right

We don’t charge you for expensive appliances that you don’t need. VulScan is priced so you can deploy as many scanners as you need to cover your entire network, and they work together to speed up the data collection process.

And you’ll save more money by reducing labor wasted on chasing false positive results. The built-in exclusion tools let you flag any issues that you have remediated or are aware of and don’t need additional notifications.

If you already perform vulnerability scanning with another product, chances are good that a switch to VulScan will save you 30% or more in software and appliance licensing fees!

How it Works

VulScan is an affordable cloud-based vulnerability management platform. It includes the software needed to spin up an unlimited number of virtual network scanner appliances using Hyper-V or VMWare, and a cloud-based portal to control the scanners and manage the discovered issues.

For internal network scanning, the appliances can be installed on any existing computer that has excess capacity on the network, or installed on a dedicated box to be permanently installed. You can add multiple scanners and configure them each to scan separate parts of the network to get even faster results pushed into the same client site dashboard at no additional cost.

For external scanning, the appliances are installed on the MSP’s data center or other remote location and “pointed” to the public facing IP addresses of the target network.

Click here to find out more.

Uses For MSPs and IT Pros

qode interactive strata VulScan goes beyond basic vulnerability scanning. It helps MSPs develop new revenue streams, and helps internal IT professionals improve security without breaking the budget.

Create revenue opportunities and/or justify your IT spend by adding vulnerability scanning to your IT security routine

Stay “front and center” with your network security program by providing monthly updates to your clients or executive team

Differentiate yourself from your peers and competitors by offering enhanced cyber security services when others don’t

Click here to find out more.

Survey Results

We surveyed thousands of MSPs and hundreds of Internal IT Pros to learn how many actually perform vulnerability scans, how frequently they do it, and why. The results aren’t surprising and are shared by both MSPs and multi-functional IT professionals who handle IT security in-house. In both cases, the survey highlights the need for regular, affordable vulnerability scanning delivered by Vulscan.

To find out more about the results of the survey, click here.

Frequently Asked Questions

What is a vulnerability scanner?

A vulnerability scanner is a tool that helps organizations detect security vulnerabilities in their networks, systems and applications that could potentially be exploited by cybercriminals. Based on different configurations and scripts, vulnerability scanning tools run tests on assets that could be exploited. Overall, they bring to light information about the vulnerabilities in an IT environment, degrees of risk from each vulnerability and ways to mitigate a vulnerability.

How does a vulnerability scanner work?

Vulnerability scanner software only scans what it is configured for. Depending on the type of scan, the tool scans specific interfaces to invoke a response from the targeted devices. For example, if you want the tool to detect outdated operating system versions in your network, it will test the network devices accordingly.

Once it detects a device running on an outdated operating system, it will flag it as a vulnerability in the final scan report. Besides just identifying a vulnerability, certain vulnerability scanning software also review a vulnerability against a database of vulnerabilities to classify it and assign a risk rating to it. In the end, the tool generates a report with all these details.

What are the different types of vulnerability scanner?

Vulnerability scanning tools can be divided into five major categories based on the type of assets they scan:

Network-based scanners: These scanners are focused on identifying security vulnerabilities across a network, for example, unauthorized remote access servers. They assess practices and policies related to both public and private networks./li>
Host-based scanners: Such scanners identify vulnerabilities in workstations, servers and other network hosts. In the process, ports and services are scanned vigorously to provide greater visibility into the configuration settings and patch history of assets.
Wireless scanners: As the name suggests, these scanners specifically assess an organization’s wireless network. They successfully identify rogue access points making them crucial in today’s hybrid work environment.
Database scanners: These scanners identify security loopholes, such as misconfigurations, unsecure test environments and other weaknesses, in databases and big data systems.
Application scanners: This type of scanners play a crucial role in spotting vulnerabilities and misconfigurations in web applications used by an organization.

What are internal and external vulnerability scans?

External vulnerability scans are run from outside an organization’s network, targeting areas of the IT environment exposed to the internet such as firewalls, web applications, ports and networks. They unearth vulnerabilities in perimeter defenses like open ports in a network’s firewall.

On the other hand, internal vulnerability scans are run from the inside of an organization’s network. They detect issues such as vulnerabilities that could be exploited by a hacker who has already made it through perimeter defenses, and threats posed by malware inside a network and insider threats.

What is vulnerability scanning used for?

Vulnerability scanning helps organizations detect security vulnerabilities such as:

Outdated and unpatched software
Missing and poor data encryption
Operating system and security misconfigurations
Missing and broken authentication
Poor cyber awareness and human error

What types of compliance require vulnerability scanning?

Not only is vulnerability scanning a must-do in today’s threat landscape, it is also mandated by nearly every major data protection regulation worldwide. Therefore, vulnerability scanning can’t be ignored if an organization must comply with any such standard. Here are some examples:

General Data Protection Regulation (GDPR): Under Article 32(1), GDPR clearly mandates “a process for regular testing, assessing and evaluation the effectiveness of technical and organizational measures.” Vulnerability scanning is such a process.
Healthcare Information Portability and Accountability Act (HIPAA): Vulnerability scanning can help organizations — both business associates and covered entities — fulfil at least six specific requirements listed in the Security Rule and Privacy Rule of HIPAA.
Payment Card Industry Data Security Standards (PCI DSS): PCI DSS clearly states that any organization dealing with cardholder data must implement a process to identify security vulnerabilities and assign a risk rank to any newly discovered vulnerabilities. Vulnerability scanning can help any organization, even if it isn’t in the finance industry, to comply with this requirement of PCI DSS.

Apart from these regulations, IT security frameworks suggest vulnerability scanning as a best practice. For example, NIST’s Cybersecurity Framework recommends vulnerability scanning for all IT systems as a part of regular IT environment assessments.

How often should you vulnerability scan?

Performing vulnerability scans monthly or quarterly can lead to major blind spots and hence, which is why the Center for Internet Security (CIS) recommends weekly or more frequent scans. However, it also recommends organizations to increase patching frequency along with the scanning frequency.

LET US SHOW YOU HOW IT WORKS!

Want to learn more or get pricing? Use the GET A QUOTE button and on the Contact Us form, tell us what you need. If you’re ready for a customized one-on-one demo, use the REQUEST DEMO button below.

GET A QUOTE REQUEST DEMO

VulScan™