What is it about?
We are well aware of the obstacles present in SMEs when they want to introduce processes and tools of IT Security and in particular when they require activities of Vulnerability Assessment on applications and systems carried out regularly. Lack of resources, both specific skills and economic, are the order of the day.
In this context, however, it is necessary to respond to the needs of corporate compliance (a reference above all: the GDPR) and the protection of their digital assets or intellectual property. An assessment is certainly the starting point to address these needs: from this must arise then adequate workflow for the management of remediation and their verification. If this exercise does not remain an isolated case but is carried out regularly, a virtuous process of Vulnerability Management is triggered that allows, for subsequent refinements and reduced incremental efforts, to maintain or increase the level of security achieved.
In order to combine Vulnerability Management within SMEs, CryptoNet Labs offers the proprietary SpiderGuardian solution, an “all-in-one” tool to manage the entire lifecycle of IT system vulnerabilities on the Internet and Intranet, from their identification to the verification of their placement.
SpiderGuardian is structured in different modules to identify and deal with the problems that a network exposure involves:
- unnecessary services, but above all vulnerabilities at network and application level through active analysis, i.e. interacting with targets through “best of breed” scanning engines, or even through passive analysis;
- reputation of their public IP addresses, in being classified as unreliable because they are a source of malware or spam;
- other threats related to indicators of compromise, cybersquatting, metadata contained in published documents, etc.
All organisations exhibiting business-critical or sensitive services on the Internet or on an internal network.
Who can benefit from it
Manage the life cycle of technological vulnerabilities, optimising dedicated resources. Highlight compliance over time because it is “business as usual”.