Vulnerability Management Training 10

1
SECURIUM FOX offers cyber security consultancy
services with its expert and experienced team. We
are providing consulting services to prevent
cyber attacks, data leak and to ensure that our
customers are ready and safe against cyber
attacks, with more than 15 years of
experience.In addition to pentests and
consulting services, SECURIUM FOX prepares its
customers and field enthusiasts for real life
scenarios by providing trainings in the lab
environment which was prepared by themselves,
with its young, dynamic and constantly following
team.Everytime that hackers are in our lives,
there are always risks that we can face with a
cyber attack. Over the years cyber security has
become a critical precaution for all
organizations and companies after the effects and
number of attacks. SECURIUM FOX tests the weak
points of customers for possible attacks and
provides consulting services to eliminate these
weak points.SECURIUM FOX team also offers
support for the development of our country in
this field by supporting free events being
organized as a volunteer by the Octosec team.
ABOUT US
2

• VULNERABILITY MANAGEMENT

3
Vulnerability Management

• The Security Next-Generation
• Vulnerability Management solution, based on
• Vulnerability Control, formerly Risk
• Control, continuously monitors the attack surface
• and critical attack vectors. This feeds
  vulnerability data into automated risk-based
  prioritization
• and remediation, which allows security teams
• to immediately remediate critical
  vulnerabilities.
• Skybox Vulnerability Control can complete
  vulnerability discovery, analysis, and
  remediation
• tasks in a large enterprise environment in a
  single
• work day, and complete vulnerability discovery
• at least 50 times faster compared to traditional
• vulnerability assessment with an active scanner.
• Enterprises and government agencies using the
• Skybox vulnerability management solution report
• breakthrough results

4

• Nearly 100 percent reporting accuracy every
• day, with no disruption.
• gt False positive reduction to near-zero levels.
• gt Elimination of 99 percent of irrelevant
• vulnerability data.
• gt Detection of 100,000 real vulnerabilities
• within hours of deployment.
• gt Same-day discovery, analysis and
• remediation of critical risks.
• gt Effective reduction of risk, prior to
• exploitationfor the first time.
• gt Information from metrics and dashboards is
• used to justify additional security resources.

5
How It Works

• NON-DISRUPTIVE, SCANLESS
• VULNERABILITY DISCOVERY
• a scalable solution for scanless
• discovery converts the product configuration
• and description information stored in system and
• security management repositories into a detailed
• and accurate product catalog. It then accurately
• deduces a list of vulnerabilities present in the
• network environment. With this information, more
• than 90 percent of the vulnerabilities in a
  typical
• enterprise network can be accurately discovered,
• without an active scan. This approach eliminates
• the many challenges associated with active
• scanning and provides the following benefits

6

• Continuous vulnerability discovery covers 90
• percent of very large networks in less than
• one day, compared to traditional vulnerability
• management processes that take 30-90 days
• to cover 50 percent of such networks.
• gt Comprehensive coverage enables
• organizations to detect vulnerabilities on
• previously non-scannable parts of the
• network, such as critical systems, network
• devices, and mobile devices.

7

• gt Vulnerability assessment delivers detection
• at speeds of 12,000 hosts per hour,
• compared to the typical 250 hosts/per hour
• rate with a traditional active scanner.
• gt A non-disruptive technique discovers
• vulnerabilities from information repositories
• rather than touching every node.
• gt This approach to vulnerability management
• implements easily and effectively reduces
• the attack surface.

8

• Hot Spot analysis of the attack surface
• allows a quick focus on the most exposed
• elements of the technology stack. This
• analysis highlights the root cause for the
• exposure and provides broad-brush action
• items that are relevant for a large group of
• hosts for example, all Microsoft Windows
• servers in a regional datacenter or all
• Microsoft Windows 7 desktops and laptops

with Adobe Reader installed. gt Remediation
Prioritization is based on risk indicators that
quantify the weight (or contribution) of each
vulnerability type in a given group of hosts in
order to focus on the largest contributors to the
organizations risk level and corporate policies
to determine which vulnerabilities should be
remediated and when, given their severity.
9

• Attack Simulation analysis finds attack
• scenarios using chains of multiple attack
• vectors that lead to possible exploitation of
• critical assets, considering the configuration
• of all security controls, such as firewalls, IPS,
• network topology, and other factors. This
• analysis provides a surgical identification
• of critical attack vectors that must be
• eliminated as soon as possible to prevent an
• advanced targeted attack or a fast spreading

• advanced targeted attack or a fast spreading
• malware. Remediation prioritization is based
• on risk metrics that quantify the likelihood
• of the attack vector exploitation times the
• potential damage to the downstream asset.
• The Skybox analytic approach provides
  organizations with significant advantages. Even
  for a very
• large network with many vulnerabilities, Skybox
• analytic-driven prioritization reduces the number
• of distinct action items by 95 percent or more,

10
You can always contact with SECURIUM FOX. You can
contact us through our email addresses or by
using the contact form on the side.

• INFO
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,
• Gurunanak Nagar,Patamata,Vijyawada,
• Andhra Pradesh -520010
• 9652038194
• 08666678997
• info_at_securiumfoxtechnologies.com

11

• info_at_securiumfoxtechnologies.com
• Andhra Pradesh Office
• 91 8666678997,91 91652038194
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,Gurunanak Nagar,Patamata,Vijaya
  wada,
• info_at_securiumfoxtechnologies.com
• UK Office
• 44 2030263164
• Velevate, Kemp House, 152 - 160,City Road,EC1V
  2NX
• London
• info_at_securiumfoxtechnologies.com
• Tamil Nadu Office
• 91 9566884661
• Kailash Nagar, Nagar, Tiruchirappalli, Tamil Nadu
  620019
• info_at_securiumfoxtechnologies.com

• Noida Office
• 91 (120) 4291672, 91 9319918771
• A-25, Block A,
• Second Floor,Sector - 3,
• Noida, India
• info_at_securiumfoxtechnologies.com
• USA Office
• 1 (315)933-3016
• 33 West,17th Street,
• New York,
• NY-10011, USA
• info_at_securiumfoxtechnologies.com
• Dubai Office
• 971 545391952
• Al Ansari Exchange, Ansar Gallery - Karama
  Branch, Hamsah-A Building - 3 A St - Dubai -
  United Arab Emirates