Automated Vulnerability
Detection System Helps Keep Enterprises One Step Ahead of Hackers
New AVDS Allows Immediate Network-Wide Vulnerability Assessment
NORTHBROOK, IL, November 14, 2006 – Enterprise-wide vulnerabilities
to hackers and malicious attacks can now be detected more quickly
and easily than ever before, thanks to a new Automated Vulnerability
Detection System (AVDS) from Beyond Security, a leading provider of
security assessment technologies. Available now, the system’s
design allows immediate assessment of vulnerabilities during the development
phase and after deployment, thereby adding an additional measure of
security to enterprise networks beyond anti-virus software and firewalls.
Until now, the ability to assess an enterprise’s security
flaws has been beyond the reach of most organizations, due to resources
that leave little time for comprehensive analysis, or to a lack
of testing tools. This is compounded by the need to comply with
newly mandated information security requirements from both customers
and regulatory bodies.
The AVDS has been developed to address these challenges. The technology
maps an organization's entire network and simulates attacks originating
from within or outside the enterprise. Once the security mapping is
complete, AVDS generates a detailed, real-time vulnerability report
specifying security breaches, along with practical and easy-to-apply
solutions to those vulnerabilities. AVDS is designed to detect, manage
and control vulnerabilities on a daily basis. It does this in multiple,
heterogeneous IT environments through a simple central management
interface.
Designed for the enterprise, the solution consists of two appliances
that are managed through a simple central interface:
- Beyond Security’s proprietary scanning system, which reveals
vulnerabilities through simulated hacking, and can be updated with
new vulnerability data daily;
-
An information server (IS), which stores and generates reports
from the scanned results, and controls and manages all associated
scanning systems via a Web interface. The IS can be configured to
allow multiple users to connect to the system to read scan reports
or schedule scan jobs.
The information server includes a vulnerabilities database from
Beyond Security’s SecuriTeam Portal, one of the largest repositories
of IT security data. Providing the industry’s lowest false-positive
vulnerability management tool (less than one percent), the device
scans anything that communicates via Internet protocol, including
routers, servers, firewalls and gateways. The AVDS supports common
operating systems (Windows, Linux and UNIX) as well as application
scanning up to level 7.
Both the IS and scanning system are 1U rack mountable devices and
can be installed in any security operation center without taking
up valuable rack space.
Without automated vulnerability detection, most organizations are
able to scan their systems two to four times a year, but the information
is out of date usually within 24 hours. With an average of over
310 new security vulnerabilities announced each month, vulnerability
scanning should now be performed as frequently as anti-virus scanning
– daily, experts say. According to Brandon Buhai, COO for
Beyond-IP, the ability to frequently assess your software systems’
weaknesses brings a number of competitive advantages.
“Plugging security holes before problems occur means you can
avoid downtime, which helps to ensure business continuity,”
Buhai says. “And, continuity and security are key requirements
of mandates in virtually every industry – including Sarbanes-Oxley,
HIPAA and ISO 27001. Our solution helps you meet those requirements
cost-effectively and without tying up a lot of IT resources. That
frees up capital and people for more mission-critical projects.”
The AVDS is the only multi level scanning tool that scans for vulnerabilities
in the system, database, network, applications and web application
levels. It also scans anything that talks IP, including communication
equipment like routers, access points, VoIP phones and gateways.
Additionally, it scans security appliances such as Firewalls, content
filtering and anti-virus. Operating system specific tests include
UNIX, Linux, AS-400, Novell, Windows 95/98, NT, 2000/2003 and Windows
XP.
The AVDS includes a broad range of flexible reporting options, including
charts and graphs, summaries of vulnerable hosts or IP assets, and
detailed remediation information, in HTML, PDF, XML and CSV formats.
Trend indicators show vulnerability status via a color-coded dashboard
– from low (green) to high (red) risk levels. ABOUT BEYOND-IP
For organizations concerned about regulatory compliance or dissatisfied
with the network security audit services provided by their consulting
firms, Beyond-IP's Automated Vulnerability Vulnerability Service provides
higher quality, lower cost network vulnerability assessment and management
than any other alternative. Beyond-IP’s solutions allow simplified
measurement, monitoring and management of vulnerabilities over time.
Beyond-IP is the US distributor of Beyond Security LTD. To learn more,
visit www.beyond-ip.com.
ABOUT BEYOND SECURITY
Beyond Security, a privately-held company, develops leading vulnerability
assessment and self-management solutions that facilitate preemptive,
real-time and continuous network, server, database and application
security. The company was founded in 1999 by the founders of SecuriTeam
portal (www.securiteam.com), a leading source for vulnerability
alerts and solutions serving 1.5 million monthly page views to IT
security professionals. Beyond Security's founders are great believers
in automation, which is why the company sells tools instead of using
them to provide services. Beyond Security's goal is to decrease
the number of security holes in products to manageable levels and
empower software vendors to release secure products.
Contact for Beyond-IP, LLC
Ben Bradley
ben@bwmginc.com
630-221-9844
|
