什么是网络漏洞扫描?
Network vulnerability scanning is the process of identifying weaknesses on a computer, 网络, or other IT asset that are potential targets for exploitation by threat actors. Scanning your environment for vulnerabilities informs you of your current risk posture, the effectiveness of your security measures, 和 opportunities to improve your defenses through vulnerability remediation.
获取和部署网络漏洞扫描程序通常是创建更主动的安全程序的第一步. 面对现代攻击者, it’s no longer enough to build high walls 和 wait out a siege; modern security programs have to identify the holes that they could exploit 和 seal them up before threat actors can take advantage. Network vulnerability scanners let you quickly assess your 网络 for these holes, show you how to prioritize 和 remediate flaws, 和 provide a great barometer for the overall success 和 progress of your security team.
网络扫描工具
漏洞扫描包括几个工具一起工作,以提供整个网络的最大可见性和洞察力. 这些工具包括:
- Endpoint agent: Collect data from endpoints all over your 网络. 单个代理可以连续监视漏洞、事件并收集日志数据.
- 云和虚拟基础设施扫描:将可见性扩展到物理基础设施之外,并确保您在整个网络中安全地配置所有内容.
- 遵从性维护:预先构建的扫描模板可以使您的组织对特定于您的行业的法规标准的遵从性具有开箱即用的可见性.
全面扫描网络的能力对于有效的漏洞检测和修复至关重要, 以及保持良好的声誉.
漏洞扫描的类型
There are many great reasons to continuously perform vulnerability scans across your 网络, 但扫描的类型可以有所不同. 例如, 发现扫描通常执行得很快,通常侧重于系统发现和任何可能打开的TCP/UDP端口.
Then there are unauthenticated scans versus authenticated scans. The unauthenticated variety performs detailed enumeration, 其中可以包括DNS解析, 操作系统类型, 服务运行. This methodology does not require credentials to perform scans on discovered systems.
经过身份验证的扫描利用凭据登录到系统并执行更具体的枚举. 这包括软件漏洞, 系统配置问题, 和 benchmarks against regulatory frameworks like 独联体, NIST等等.
InsightVM免费试用版
Experience the value InsightVM can offer your unique environment with a 30-day free trial.
开始What are the key features of a 网络 vulnerability scanner?
网络漏洞扫描器的关键功能应该协同工作,以扫描整个IT基础设施,并识别可被利用的潜在弱点. To do so, a scanner should have (at minimum) the following capabilities:
- Scan scheduling that doesn’t impact availability or performance of your 网络
- Comprehensive scanning that’s based off of the most exhaustive 已知漏洞列表 或
- 对您独特的网络体系结构的适应性和可伸缩性—扩展到基于云的和容器化的资产
- Identification of the largest, most critical threats to your environment
- 优先级排序和风险分析可以更好地通知您的策略,以便修复漏洞并报告进展
网络漏洞扫描器的扫描覆盖范围是至关重要的,因为不希望错过任何由于盲点而留下的可供攻击的漏洞. This extends to a scanner’s responsiveness to 和 coverage of zero-day vulnerabilities. Keep this in mind while engaging vendors in the proof-of-concept (POC) process, 这就引出了下一个问题.
The importance of accuracy 和 efficiency
Every company’s 网络 is different; it’s important to implement a vulnerability scanner that can intelligently scan everything from PCI environments to hospitals with minimal configuration 和 manual adjustment. This also means that your 网络 vulnerability scanner has to be extremely accurate, 具有针对每种主要风格的软件和操作系统的健壮的漏洞检查集. At times, this also extends to more esoteric systems like SCADA controls.
Most commercial 网络 vulnerability scanners do a good job of keeping up with the latest vulnerability checks; often, what makes or breaks a successful program is what comes next. 网络扫描工具使您能够在不同类型的设备和网络的不同部分中优先考虑数千个漏洞. This is critical to ensuring that your team is as efficient as possible, since you’ll never have the luxury of fixing every single vulnerability. 一旦完成, you have to get the information to the right people; it’s critical that your 网络 vulnerability scanner has the ability to easily show remediation steps to the people responsible for remediation. 高管级别的报告可以向管理层展示您如何随着时间的推移提高公司的安全性.
What makes InsightVM 和 its features ideal for 网络 scanning?
Rapid7 InsightVM是保护当今现代IT环境的领先网络漏洞扫描程序. So how does InsightVM provide unparalleled visibility into your risk posture, 与其它扫描解决方案相比?
- InsightVM与您的IT基础架构集成,可以更快速有效地识别网络中的变化. 这包括, 但不限于, 通过DHCP方式动态发现资产, 发现与 云服务提供商, 和 assessment of remote assets with the Insight Agent.
- InsightVM是唯一的网络漏洞扫描器,可以通过与Project Sonar集成来识别您面向互联网的资产(已知和未知), 这是Rapid7的一个研究项目,定期扫描公共互联网,以了解全球常见漏洞的暴露情况.
- InsightVM也是唯一的网络漏洞扫描器,根据CVSS分数的组合自动确定漏洞的优先级, 可利用性, 恶意软件的接触, 脆弱年龄. 这可以帮助您从成千上万的结果中筛选出最可能在实际攻击中使用的漏洞.
- InsightVM integrates with over 40 other leading technologies, 允许您将漏洞扫描数据扩展到整个网络的更大的安全计划中.
- InsightVM具有可定制的报告和实时仪表板,可以让合适的人轻松获取相关信息, 无论是为您的系统管理员提供详细的补救报告,还是为您的独联体O提供自定义遵从性仪表板.
More on 网络 vulnerability scanning with Rapid7
我们的网络漏洞扫描器, InsightVM, is top-ranked by analysts like Gartner 和 Forrester 和 runs on the Insight cloud platform, 使得创建一个 脆弱性管理 扫描程序. Whether you’re a small family business or a Fortune 100 company, InsightVM可以适应您的环境. 它使用多个漏洞检查和认证漏洞扫描,以确保我们的结果在您的动态和多样化的It环境中尽可能准确.
InsightVM受到从大型零售商到核电站和医院等组织的信任. 为什么? 它旨在轻松准确地识别正在扫描的资产,以及如何以最小的最终用户输入来最好地扫描和保护这些资产.
Not sure if you’re equipped to deploy a 网络 vulnerability scanner yourself? Rapid7提供 部署服务 以及培训,以帮助您建立从扫描到补救指导的整个漏洞管理过程. 您也可以让我们跳上驾驶员的座位与我们的管理漏洞管理服务.
准备好开始了? Sign up for a free trial of InsightVM below.