IT Infrastructure Vulnerability Management (VM) with WISE™ Scan

Go beyond VAPT. Fix, Don't just find!

What is Infrastructure VM?

The thousands of network nodes running inside your organisation not only needs continuous monitoring of their logs
but a red team continuously trying to break into your infrastructure equipped with the most updated exploit library,
both public and private such that we can not only to provide you with the most comprehensive assessment report with our semi-automated methodology,
but also to help you address the gaps identified in the report.

Scope of Infrastructure VM

Internal Network VM

We are given an access to your internal network where we perform our scans across each device in the network and produce a report and then help you patch the identified gaps.

Network Perimeter VM

Your external facing Network Perimeter with devices and their ports running services are accessible to anyone and everyone from around the globe. They need to be continuously scanned and monitored for any potential vulnerabilities and threats.

Network Architecture VM

A large number of times, even after having the best of equipments installed and working within your network it becomes vulnerable to multiple types of attacks, both from outside and inside your organisation. Architecture review allows us to identify such gaps and help you plug them.

Execution Methodology

1
Scope Sign Off
2
Scan Scheduling & Functional Walkthrough
3
Actual Scan
4
Reports & Analytics
5
Patch Assistance & Certification

Execution

Actual Scan Methodology

In this phase, analyst to ascertain the breadth/scope of the assessment. Main purpose is to identify and determine the total number of systems, servers and other network devices such as firewalls, routers, printers, etc. Outcome of this activity consists of hostnames, IP addresses and network range details. This activity helps to identify every possible avenue of attack surface. Few of the information which our analyst may gather are as follows:

  • Domain names
  • IP Addresses
  • Server/System names IP Ranges
  • ISP/ASP information

Live systems identified in the above phase will be actively probed for responses that will reveal its operating system and version level. This activity helps to identify the known operating system vulnerabilities and loopholes which can be patched afterwards with the help of vendor advisory. Outcome of this activity

  • OS type (32/64 bit)
  • System type (Windows/Linux/Unix)

In this phase, Lucideus analyst will map the entire network as observed by him/her during the discovery and fingerprinting phase. This activity will help analyst to prioritize the network segment during the subsequent phases and obtain blueprint of the organization.

The aim of this phase is to identify open ports and services running on them. Testing of different ports and services depends upon the operating system types and services running on it. NMap and Unicornscan along with custom scripts incorporating OpenSSL and Netcat will be used by our analysts. Outcome of this activity will consist:

List of open/closed/filtered ports

  • Service types (SMTP, DNS, HTTP, FTP, SSH, etc.)
  • Service application type (PureFTPD, openSSH, etc.)

This phase provides holistic approach for risk management to an enterprise. Based on the information collected in first 4 phases, Lucideus analyst will find security weaknesses in target systems. It helps to identify how attack can be launched using identified entry points in the systems. This activity is carried out with the help of well-known commercial and non-commercial tools such as Nessus, OpenVAS, Metasploit, etc. in addition to manual approach incorporating in-house scripts. Results of the automated scanners are manually verified in the next phase of the assessment. Types of checks performed are known vulnerabilities identification, configuration flaws, default credentials, patch level, etc.

The vulnerability assessment of any identified web application is conducted based on Lucideus Application Security Controls List. Verification: In above ‘vulnerability assessment’ phase, automated scanning tools generate multiple reports along with multiple vulnerabilities at various threat levels. The first action taken by Lucideus NISE (Network Intelligence and Security Experts) team is to thoroughly analyze and validate each test results generated by the above mentioned tools. It gives client the guarantee of ZERO false positives result at the end.

In order to gauge the business impact of identified vulnerabilities, Lucideus analysts may perform controlled exploitation with the client’s prior permission. This phase is not mandatory. However for the client’s better understanding and to evaluate threat, this activity is recommended for the sample set of vulnerabilities. Outcome of this activity will consist:

  • Proof of Concepts of successful exploitation

An in-depth network security assessment report will be submitted to the network security team. Also an executive summary report will be provided for the project coordinator and business team.

These are the report highlights:

  • Summary of the approach
  • scope details
  • Vulnerabilities identified
  • Vulnerabilities identified
  • Business Impact
  • Remediation
  • References and the guarantee of ZERO false.
  • Positive result at the end.

Features

Access Control Policy

AI Powered Cloud Based Scan

Powerful Scan divided into 3 layers - Broad Sweep Scan, Lucid Lense Scan and WISE Manual Scan. Together they bring out the most comprehensive control list for vulnerability assessment

Cloud Security Policy

Extremely Scalable with Multi Threading

Perform multiple scans with the power of multi threading, without losing out on time and precision. You can, in parallel test hundreds of applications without interruptions

Code Review Policy

Zero False Positive Guarantee

Our post scanning filter allows us to reduce the false positive rate to zero so that the final report generated is both actionable and accurate

Asset Mangement Policy

Generation of Compliance Reports

When the WISE Scan is run on an application and all it's components, the tool can provide the percentage compliance of the application to globally accepted compliance standards such as PCI DSS 3.1, ISO 27001, NIST SP 800-53 among others

High Level Control List

High Level Control List

  • Default Credentials
  • Security Updates
  • Session Management
  • Outdated Service
  • Authentication
  • Secure Configuration
  • Authorization
  • Transport Security

Reports and Analysis

We make 2 reports for every scan we perform.

  • Technical Report - Containing details of every identified vulnerability, potential technical impact, exhibits and actionable recommendation. This is a detailed report that helps a solutions manager patch the gaps identified.
  • Manager’s Report - Containing high level details of the identified vulnerabilities, operational impact of each vulnerability, potential financial impact along with the criticality of the identified gap. It also gives a suggested prioritisation for the patch work.

Download Sample Report

Interested in IT Infrastructure Vulnerability Management?

It’s Easy to Locate Us

Although we serve companies from across the globe, we are headquartered in India.

  • ADDRESS

    Lucideus House,Plot no. 15,
    Okhla Phase III, New Delhi - 110020

  • PHONE

    +91 11 2632-2632 /33

    +91 11 4053-4055

  • EMAIL

    info@lucideustech.com

Contact Form