Scans networks and systems for known vulnerabilities
Over 50 new vulnerabilities are discovered every day. These are vulnerabilities that mean an increased risk of intrusion into your business. Our vulnerability scanning tool scans your system, server, firewall or web page and reveals which vulnerabilities are present. It also tests if everything is configured correctly so that nothing that should be private, with easy access, is public.
Finds vulnerabilities in systems • Fully automated vulnerability scanning • Report on completion of vulnerability scanning
Find and fix the vulnerabilities in your systems, servers and networks – before someone else does!
Conducting vulnerability scans and then remediating the vulnerabilities strengthens the organization’s defenses against cyber attacks. Our tool identifies vulnerabilities and gives you an overview, but also a detailed picture of how vulnerable your various systems are and how to fix them.
After a completed vulnerability scan, you will receive two different reports. A summary overview report that you can use to show your management the challenges you face security-wise (executives), as well as an in-depth detailed report that shows all vulnerabilities in detail.
We recommend running vulnerability scans once a month on critical systems. Then you have the opportunity to plug holes and find potential misconfigurations and security flaws before they are exploited. You then also get the opportunity to follow the remedial work in a better way.
Do you want to know more?
Get in touch with us and we’ll help you get started with your vulnerability scan.
Testimonials
Secify supports us in data protection issues and in our work with Data Privacy. In a trustworthy manner and with broad competence, Secify has contributed to our delivery.
Robert Ekvall, IT Security & Company Integration Lead
Three packages to choose from
Our vulnerability scan is divided into three different levels with different content in each package. For each package, there is also the option of adding a number of add-ons. More about it under the heading additions.
For all our packages, we recommend that you do an initial threat analysis. Through it, you get an overall picture of which threats are directed at your organization.
- Our vulnerability scanning tool is included in all three levels. With it, we can scan the web and infrastructure as well as internal and external IP addresses.
- A comparison of the number of vulnerabilities that have been fixed and the number of new vulnerabilities that have been discovered since the last scan
- Overview showing statistics on how vulnerabilities have been worked on over a longer period.
- Our risk value is a value based on the total number of vulnerabilities in the system and the total risks associated with the vulnerabilities. The value consists of a number between one and ten and summarizes the total technical cyber risk that the system has.
Addons
If you want even more, there are a number of add-ons that you can choose from*. The supplements can be applied to all our packages. You can easily order by contacting one of our salespeople.
- Excel version of the report
The report containing all vulnerabilities is sent as an Excel file - Verification of false positives
An extra manual check of the vulnerabilities - Inventory of networks
We receive a list of IP addresses that are all scanned - Review of the results with an IT security consultant
For an hour, we go through the results together and find a way forward
*For those who have needs that are not covered by the above, we are good at finding a solution.
Vulnerability scanning and penetration testing is not the same thing
But in our range of services, they are very close at hand. A penetration test, or pen test, is an extended form of vulnerability scanning where the basis (i.e. the results of the vulnerability scan) is used as a starting point to manually try to get into the system.
If the system is connected to the network or contains information assets that are important to the business, we recommend that you do a pen test, as a next step to determine which vulnerabilities are most critical to fix. You can read more about penetration testing on our services page.
FAQ
Here are answers to the most common questions about vulnerability scanning. Do you have a question that is not listed? Use the contact form further down the page.
If you have never scanned the system before, it is a good idea to do the scan after regular working hours. If you have a critical system that you update frequently, you should also ensure that the vulnerability scans take place continuously at regular intervals.
The vulnerability scan tests whether the vulnerability exists in the system. If you compare it to a pen test, the penetration test goes deeper and tests whether the vulnerability can be used to penetrate the system.
The vulnerability scan is an effective and fast way to identify which vulnerabilities exist in systems. It also tests the organization’s ability and level of maturity to handle the actions that come after a vulnerability scan.
After a vulnerability scan, you get a report in your hand. That report needs to be worked on. Start by reviewing the critical vulnerabilities first and then prioritize the order in which they should be addressed. After that, it is good if you leave the work to a technician to complete.
You should actually vulnerability scan all systems that have an external IP address, even the company’s website. It is also good to scan the server that holds the information assets. In other words, the server that is most critical to the business.
If you have a very old system that is unstable, the vulnerability scan can absolutely cause the system to crash. But under controlled conditions and with good planning in advance, the risks are minimized
A vulnerability scan is carried out using a software according to a pre-configured schedule and scope.
A vulnerability scan is carried out with software that scans the environments and generates a report of identified vulnerabilities. During a pentest, it is taken one step further and evaluates whether the vulnerabilities can be exploited further and gives recommendations on measures
We recommend that the vulnerability scan takes place continuously. How often depends on which systems you have, but a rule of thumb is that this is carried out at least once a month. It is also important that the remedial work itself also takes place continuously.
It is a security test that can be done, among other things, on a firewall, a system, server or web page to find and visualize current vulnerabilities
55 new vulnerabilities are discovered every day. This means that no system is safe. Attackers attack vulnerabilities in systems on a daily basis to try to gain access to the organization’s information assets or to perform additional attacks on the system.
