Vulnerability Scanner

Identifying weak points. Eliminating weak points.

The KeyIdentity Vulnerability Scan gives you an overview of your externally accessible IT infrastructure and its components, so you can identify vulnerabilities and prioritize their elimination.

„If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.” -- Bruce Schneier

Upgraded to the maximum, there are few companies that do not believe that simply accumulating security technology after security technology is the solution to avoid incidents.

Patch management of all servers, workstations, network devices and appliances, mobile devices, operating systems and the installed applications is mandatory, but in various companies often not the case due to IT security not being prioritized in favor of stable operations, due to resource problems or due to a wide range of other reasons. However, a single, unpatched gap in security is sufficient for an attacker to compromise an infrastructure.

According to the VULNERABILITY REVIEW 2017, 82% of the top 50 applications are attacked via networks. With 17.147 vulnerabilities newly discovered in 2016, 18% of which were critical, unpatched systems accessible from the Internet are highly problematic from a security perspective.

This is why – for example – the Australian Signals Directorate names patch management three times among the four basic measures to mitigate targeted cyber intrusions.

With the KeyIdentity Vulnerability Scanner, you can obtain cyclical status updates of any vulnerable IT infrastructure accessible from the Internet. As part of these updates you will receive regular reports about unpatched gaps in security, which we have identified, from us, along with information about their criticality and recommendations on how to remedy them. This will enable you to detect process errors and gives you an additional independent view of your IT infrastructure. Let us find your vulnerabilities before attackers do.

All we need from you is to provide the IP addresses you want us to scan cyclically, the number of scans per year we should perform on those addresses, and an e-mail address to send the vulnerability reports to. This is operated as a managed service so that you can concentrate on its essential aspects.

Combining our Vulnerability Scanner with our flexible multi-factor authentication solution helps you fulfil two of the key eight basic IT security measures and allows you to take a big step full compliance.  

Do you trust your IT infrastructure?

Do you trust your IT infrastructure? A functioning vulnerability management should be a basic element of the infrastructure of every IT operator and service provider. In reality however, infrastructure devices and services, which usually communicate via networks, are installed and then often no longer maintained. Over time it becomes difficult to keep track of all components and their current software version.

Consequently, there are most likely vulnerabilities in your IT infrastructure that can be exploited by attackers. Usually such attacks are noticed far too late and the damage – be it theft of information or an image loss – is enormous.

The KeyIdentity Vulnerability Scan gives you an overview of your externally accessible IT infrastructure and its components, so you can identify vulnerabilities and prioritize their elimination.


KeyIdentity Vulnerability Scanner

With the KeyIdentity Vulnerability Scanner you can detect those security gaps in your IT infrastructure, which are accessible from the Internet. A security gap can consist of missing security patches, the use of insecure configuration parameters or similar issues. As part of the scan, we will provide you cyclically with a list of identified weak points in your IT infrastructure, as well as their history, including a prioritization. This allows you to identify, where process errors may occur and eliminate them permanently. In addition, you will be able to reassess the vulnerability of your IT infrastructure at any time. As part of a KeyIdentity Managed Service, you will receive one scan per month (more scans are possible). All you need to do is provide us with your publicly available IP addresses. All systems accessible from the Internet are scanned, after which you will receive a report with recommendations for closing any gaps along with a status update on how the threat situation has changed.