1 / 11

SecureWorks Scanning Module

SecureWorks Scanning Module. Perform internal and external network scans also asset discovery Quickly identify whether your scanning exposure increased or decreased over a period of time Expedite remediation utilizing the provided exposure synopsis and solutions. Vulnerability Scanning Summary.

moana-herring
Télécharger la présentation

SecureWorks Scanning Module

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SecureWorks Scanning Module

  2. Perform internal and external network scans also asset discovery • Quickly identify whether your scanning exposure increased or decreased over a period of time • Expedite remediation utilizing the provided exposure synopsis and solutions

  3. Vulnerability Scanning Summary

  4. Remediation

  5. Synopsis, Description and Solutions

  6. Vulnerability Scanning Scheduler

  7. Types of Scans • Default: similar to the Commonports_ping which scans approximately 4,500 ports that are frequently listening (such as ports 22, 80, 443, 445, etc.). Before attempting to scan a given host a ping must be returned. • Discovery: profile will not perform a port scans only ping the specified networks/hosts and provide a report containing hosts that responded to the ping. • Commonports_noping :similar to the default scan the only difference is that All target IPs will be port scanned and they do not have to return a ping. This implies a longer time to completion, as every IP will be port scanned for ~4,500 ports • Allports_ping: this scan is ran against all ~65,000 ports on every target IP. Before attempting to scan a given host a ping must be returned. • Allports_noping: this scan is leverage all ~65,000 ports on every target IP. All target IPs will be portscanned; they do not have to return a ping. This implies a significantly longer time to completion, as every IP will be portscanned for ~65,000 ports. A scan of a /24 network can be expected to take close to 24 hours. • Allports_noping-Exceedingly_Verbose: scans all ~65,000 ports on every target IP. All target IPs will be portscanned; they do not have to return a ping. This implies a significantly longer time to completion, as every IP will be portscanned for ~65,000 ports. A scan of a /24 network can be expected to take close to 24 hours. This profile is designed specifically to return multiple low-risk exposures for every host scanned. • OS_Detection: Scans a few ports in an effort to fingerprint the OS. Before attempting to scan a given host a ping must be returned.

  8. Pending/Completed Scans

  9. Active Scan Progress

  10. Conclusion Secure Operations Center 877-838-7960 soc@secureworks.com

More Related