Red Touch

Mitigate risk by proactively identifying and assessing security weaknesses in systems or networks.

Discover and Control Your Cyber Weaknesses All Under One Roof
  • Effortlessly import and analyze your internal and external attack vectors.
  • Effectively oversee your vulnerabilities through user-friendly dashboards, timely alerts, and robust reporting tools.

Utilize RTScan for Enhanced Compliance and Vulnerability Management

Our customers rely on RTScan to safeguard their enterprises and meet essential compliance standards, including ISO 27001, NIST CSF and SOC 2.

Understanding External Vulnerability Scans

An external vulnerability scan is a critical security assessment conducted from outside your network. Vulnerabilities exposed to the public internet pose a significant risk because any attacker can reach them. Running an external vulnerability scan is a proactive measure that helps safeguard your business by identifying these weaknesses before malicious actors can exploit them.

Best Practices for External Vulnerability Scanning

Attack Surface Discovery
Conduct a comprehensive port scan on all your public IP addresses to reveal your attack surface and detect any misconfigured firewall rules.

External Network Vulnerability Scan
Leverage a network vulnerability scanner, such as OpenVAS, to identify vulnerable services exposed outside your network. For example, it can identify outdated and susceptible versions of OpenSSH running on port 22 of your web servers.

Web Application Vulnerability Scan
Perform a web application vulnerability scan on any websites accessible via the public network. This helps identify vulnerabilities like SQL injection and remote command execution.

Continuous Security Monitoring
Cyber threats constantly target vulnerable businesses on the internet. To swiftly discover and mitigate vulnerabilities, establish a regular schedule of continuous scanning, rather than relying solely on one-time scans.

External Vulnerability Scanning Service
Our comprehensive external vulnerability scanning service includes:

  • Port scans
  • Network vulnerability scans
  • Website vulnerability scans
  • Continuous monitoring with scheduled scans
  • Alerts and notifications for new findings
  • A vulnerability management system to reduce noise and prioritize risks

Internal Vulnerability Scanning

Discover the process of conducting internal vulnerability scans using HostedScan.

Distinguishing Internal from External Scans

An internal vulnerability scan is executed from within a Local Area Network (LAN) or another private network. The scanner dispatches requests exclusively within the private network, systematically probing and testing all devices, even those inaccessible via the public internet.

In contrast, an external vulnerability scan occurs from beyond the network, traversing the public internet. Here, the scanner replicates the perspective of an external attacker.

Both internal and external scans hold vital roles within cybersecurity protocols and are often stipulated by various certification standards.

We integrate with the world’s leading open-source scanning tools. To perform vulnerability scans within an internal network, you’ll deploy trusted scanners widely recognized and employed by countless cybersecurity experts. Subsequently, the scan results are conveyed to the platform.

Monitoring Your Attack Surface

Gain comprehensive insights into your digital landscape by effortlessly importing all your domains, IP addresses, and cloud accounts.

Maintaining vigilant oversight of your organization’s attack surface is paramount in today’s rapidly evolving threat landscape. The first step in fortifying your defenses is the thorough and uncomplicated import of all your digital assets, which include domains, IP addresses, and cloud accounts. By incorporating these elements into your monitoring strategy, you can actively track your attack surface’s footprint. This proactive approach enables you to stay ahead of emerging threats and vulnerabilities, ensuring the security and resilience of your digital assets in the face of evolving cyber risks.

Streamlined Centralized Risk Management

Efficiently triage vulnerability findings and create comprehensive executive reports to enhance your organization’s risk mitigation strategy.

In the modern landscape of cybersecurity, a streamlined approach to centralized risk management is pivotal. It involves the effective sorting and assessment of vulnerability findings, ensuring that critical issues are promptly addressed. Moreover, this process doesn’t end with mere identification; it extends to the generation of in-depth executive reports. These reports offer a panoramic view of your organization’s risk posture, providing key stakeholders with the insights necessary to make informed decisions. By centralizing your risk management efforts, you empower your organization to act swiftly and decisively, strengthening its overall cybersecurity framework and ensuring that critical vulnerabilities are managed in a prioritized and strategic manner.

TOOLS

OpenVAS

Discovering Insecure Software and Scanning for Common Vulnerabilities and Exposures (CVEs)

Key Points About OpenVAS:

  • A reputable network vulnerability scanner used by the industry.
  • Identifies outdated, misconfigured, and vulnerable applications.
  • Detects vulnerabilities in WordPress and WordPress plugins.
  • Scans a wide range of assets, including servers, virtual machines, and devices.

  • Utilizes an ever-current OpenVAS installation.
  • Offers a risk management platform for vulnerability tracking and reducing unnecessary alerts.
  • Provides ongoing monitoring through scheduled scans.
  • Sends automatic notifications for newly discovered vulnerabilities.

Nmap

Use Nmap to verify the correct configuration of your firewall and network, ensuring no unintentional exposure.

Nmap Online Port Scan Details
Nmap, the leading port scanner in the industry, is a daily essential for enterprises and cybersecurity professionals. It’s a powerful tool to identify open ports across your servers, devices, and networks. HostedScan Security offers an online port scan service powered by Nmap, trusted by numerous businesses.

Port Scanner Use Cases
Conducting open port scans is a crucial step in safeguarding your servers and networks against potential cyber threats and data breaches. These scans ensure that only the expected ports are accessible and that there are no misconfigurations in your services or firewalls. Regular port scans are often mandated for certifications like ISO 27001 and SOC 2 compliance.
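One way to check that "only the expected ports are accessible" is to compare Nmap's XML output (`-oX`) against a per-host allowlist. The script below is an added example, not HostedScan's code; the sample XML, the addresses (from the 203.0.113.0/24 documentation range) and the `EXPECTED` allowlist are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of `nmap -oX` output (not from a real scan).
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap">
 <host><address addr="203.0.113.10" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="22"><state state="open"/></port>
  <port protocol="tcp" portid="443"><state state="open"/></port>
  <port protocol="tcp" portid="3306"><state state="open"/></port>
  <port protocol="udp" portid="161"><state state="open|filtered"/></port>
 </ports></host>
 <host><address addr="203.0.113.11" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="80"><state state="closed"/></port>
  <port protocol="tcp" portid="443"><state state="open"/></port>
 </ports></host>
</nmaprun>"""

# Hypothetical allowlist: what each public IP is supposed to expose.
EXPECTED = {
    "203.0.113.10": {("tcp", 443)},
    "203.0.113.11": {("tcp", 443), ("tcp", 80)},
}

def open_ports(xml_text):
    """Map each host address to the set of (protocol, port) pairs reported open."""
    found = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        found[addr] = set()
        for port in host.iter("port"):
            state = port.find("state").get("state")
            # "open|filtered" (common for UDP) is treated as exposed until verified.
            if state.startswith("open"):
                found[addr].add((port.get("protocol"), int(port.get("portid"))))
    return found

def audit(xml_text, expected):
    """Return (unexpected, missing): open but not allowlisted, allowlisted but not open."""
    unexpected, missing = {}, {}
    for addr, ports in open_ports(xml_text).items():
        allowed = expected.get(addr, set())
        if ports - allowed:
            unexpected[addr] = sorted(ports - allowed)
        if allowed - ports:
            missing[addr] = sorted(allowed - ports)
    return unexpected, missing

if __name__ == "__main__":
    print(audit(SAMPLE_NMAP_XML, EXPECTED))
```

Unexpected entries point to firewall or service misconfiguration; missing entries usually mean an outage or a stale allowlist.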

HostedScan Security Benefits

  • Enjoy comprehensive coverage with both TCP and UDP port scans to meet ISO 27001 and SOC 2 requirements.
  • Benefit from continuous monitoring through scheduled scans.
  • Receive automatic alerts when new open ports are detected.
  • Streamline your vulnerability management process and reduce noise.

GitHub Dependabot

Efficiently manage Dependabot vulnerabilities from a centralized location.

Dependabot checks for outdated dependencies as soon as it’s enabled. You may see new pull requests for version updates within minutes of adding the configuration file, depending on the number of manifest files for which you configure updates.

Snyk

Consolidate container risks and scan results in one central location.

Snyk Open Source provides advanced software composition analysis (SCA) backed by industry-leading security and application intelligence.

OpenAPI (Swagger)

Conduct security assessments to identify weaknesses and vulnerabilities in your APIs.

API Security Scan vs Traditional Website Scan
An API security scan focuses on testing API routes for security vulnerabilities like SQL injection and remote command execution (RCE). This type of scan requires an API definition file, such as an OpenAPI or Swagger template, to understand the API routes and parameters.

In contrast, a traditional website scan begins with a website URL and proceeds to crawl the webpage by following hyperlinks and clicking buttons. While a website scan may encounter some APIs during its crawl, its coverage of API vulnerabilities is typically less comprehensive compared to a dedicated API security scan. However, a traditional website scan does inspect the website’s HTML and JavaScript for potential security issues, including vulnerable JavaScript dependencies.

SSLyze

Conducts a thorough analysis of your SSL/TLS configuration, identifying issues like problematic certificates and vulnerable ciphers, among others.

SSLyze Highlights

  • A widely trusted TLS and vulnerability scanner.
  • Identifies vulnerabilities like Heartbleed, ROBOT, and more.
  • Detects expired and compromised certificates.
  • Evaluates TLS version support and weak ciphers.

HostedScan Benefits

  • Keeps your SSLyze installation up-to-date at all times.
  • Offers a risk management platform for vulnerability tracking and noise reduction.
  • Enables continuous monitoring with scheduled scans.
  • Provides automatic alerts for newly discovered vulnerabilities.

OWASP ZAP
  • Embrace the industry’s trusted web application vulnerability scanner, OWASP ZAP.
  • Efficiently crawl websites and SPAs.
  • Mitigate XSS and address other OWASP top 10 security risks.
  • Identify vulnerabilities in JavaScript libraries.
  • Enhance API scanning with OpenAPI templates for a more comprehensive assessment.


HostedScan Benefits

  • Keep your OWASP ZAP installation up to date, always.
  • Leverage a risk management platform for tracking vulnerabilities and reducing noise.
  • Ensure continuous monitoring with scheduled scans.
  • Receive automatic alerts for newly discovered vulnerabilities.
  • Conduct authenticated web application scans via recorded logins.


OWASP Security Scan Details

HostedScan offers two OWASP security scan options to cater to various user requirements. Both scans utilize the OWASP ZAP (Zaproxy) scanner, a renowned open-source project widely adopted by prominent players in the security industry. These scans diligently test websites and web applications, addressing OWASP Top 10 risks and beyond.

The Passive Scan method involves loading a website’s pages and assessing vulnerabilities such as cross-domain misconfigurations, insecure cookies, and susceptible JavaScript dependencies. This scan is typically completed within a few minutes.

On the other hand, the Active Scan method actively submits forms and sends requests to the web application to rigorously evaluate vulnerabilities like SQL injection, remote command execution, and cross-site scripting. It’s important to note that the active scan, while non-destructive, may generate numerous requests to the web application as it systematically examines all potential vulnerabilities. Permission from the application owner is essential to conduct this scan. The duration of the scan can vary, potentially taking several hours depending on the complexity of the target being assessed.
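The passive scan described above only inspects responses the site already returns, without sending test payloads. The sketch below is an added example showing that kind of check for insecure cookies and a permissive cross-origin header; it is a simplified illustration, not OWASP ZAP's or HostedScan's rule set, and the sample headers are constructed.

```python
# Constructed response headers for a hypothetical page (not captured traffic).
SAMPLE_HEADERS = [
    ("Content-Type", "text/html; charset=utf-8"),
    ("Access-Control-Allow-Origin", "*"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("Set-Cookie", "tracking=xyz; Path=/; Secure; SameSite=None"),
]

def cookie_findings(set_cookie):
    """Flag missing Secure / HttpOnly / SameSite attributes on one Set-Cookie value."""
    name = set_cookie.split("=", 1)[0].strip()
    # The first segment is name=value; the rest are case-insensitive attributes.
    attrs = {part.strip().split("=", 1)[0].lower()
             for part in set_cookie.split(";")[1:]}
    return [f"cookie '{name}' missing {flag}"
            for flag in ("Secure", "HttpOnly", "SameSite")
            if flag.lower() not in attrs]

def passive_findings(headers):
    """Inspect already-received headers only; nothing is sent to the application."""
    findings = []
    for key, value in headers:
        key = key.lower()
        if key == "set-cookie":
            findings += cookie_findings(value)
        elif key == "access-control-allow-origin" and value.strip() == "*":
            findings.append("CORS: Access-Control-Allow-Origin allows any origin")
    return findings

if __name__ == "__main__":
    for finding in passive_findings(SAMPLE_HEADERS):
        print(finding)
```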