Vulnerability Management

Would you like to identify vulnerabilities permanently and on time and eliminate them systematically? As IT infrastructures grow more complex, threats grow increasingly critical, making it all the more important to be able to identify system vulnerabilities as quickly as possible and remediate them in a controlled manner. We assist you in designing and implementing a professional vulnerability management process, including applicable tools, for your company.

Our approach

Nicht bearbeiten!

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Prepare
During the preparation phase, together with you we determine what requirements have to be met by your vulnerability management (VM) process, taking your security policies, compliance requirements, contracts and service level agreements into account. We then determine what types of vulnerabilities can be found. We differentiate between internal and external scans. External scans mimic the perspective of a malicious individual carrying out an attack from the internet. Therefore, they reveal vulnerabilities that are visible from outside the network. Internal scans, however, mimic the perspective of an attacker from inside the network and therefore reveal vulnerabilities that are visible within the network.
Discover
During this phase, we conduct a comprehensive analysis of your current setup. We identify your IT assets and determine network perimeters.
Organize
We perform risk assessments of your IT assets and networks and classify them. The results from this phase will impact the designated scan intervals.
Assess
During this phase, scan properties and testing parameters are configured and the intervals in which vulnerability scans will be performed are determined. We then configure your scans accordingly.
Report

We define your vulnerability scan reports’ templates according to your specifications, allowing you to work as efficiently as possible with the results.

Remediation

The remediation phase is intended for establishing processes and measures for rectifying identified vulnerabilities. Our experts are happy to assist you with the remediation process. We analyse vulnerabilities and verify, for example, whether patches or workarounds are available, or whether the configuration can be hardened. Additionally, we identify threats and offer to perform code reviews for you. We furthermore establish and/or implement policy management processes. (Ticketing)

Verify

In this phase, we verify whether measures for remediating vulnerabilities have been implemented. We conduct rescans and validate the results accordingly.

We offer an all-round service

Do you also require assistance with operational tasks? We do not only implement the process. If you wish, we also provide operational support, either on site or via remote access. We furthermore train your employees in how to work with the tools.

Contact

 

Please contact us with any questions or queries.

 

Phone: +49 6102 8631-190
Email: sales@usd.de
PGP Key
S/MIME
Contact Form

 

Daniel Heyne
usd Team Lead Sales,
Security Consultant Pentest, OSCP, OSCE