Do you examine vulnerability actually?

As vulnerability be examined and be wrote, the hacker could use less and less time to attack the users' target. The managers of Management Information System control internet security using security protection equipments such as firewall, intrusion detection system and so on. Besides, most managers start to execute the vulnerability assessment system regularly or commission Information Security Firms to do it. The purpose of these managers is examining that there are threat and vulnerability inside our industrial workstation. After scanning, we could get an assessment report, analysis and trace the vulnerability.

We provide seven steps for you to examine vulnerability.
  • Understand Network & Framework
    When you want to execute vulnerability audit, you need to understand industrial networking environment and confirm which networking services and applied programs in networking framework. Besides, you should ascertain if there are other items that needed to pay attention to and cooperating before execute vulnerability scanning.
  • Select Scanning Target
    You should decide which hosts, applied programs and networking frameworks need executing the vulnerability assessment system. If the organization owns large scale, we suggest that you should use scheduling function to scan different parts. When you obtain examining report, you could select one way that e-mailing, saving or importing it in ODBC. These three ways could reduce occupation of bandwidth and improve efficiency of vulnerability assessment system.
  • Select Proper Vulnerability Assessment
    There are some Vulnerability Assessment (VA) tools in the market, MIS managers or Information Security Firms, they could select appropriate VA tools and dispose them on internet. Before executing VA, they should update modules and vulnerability database because this action could help vulnerability assessment show its best function.
  • Select Proper Scanning Policy
    According to the different goal hosts, you should choose appropriate scanning policy to execute vulnerability assessment and you would reduce scanning time. For example, if you want to execute vulnerability assessment with NT website, you could choose security policy in IIS website; if you want to execute vulnerability assessment with SANS TOP 20, you could choose its own policy.
  • Analyze Scanning Report
    According to the result of scanning, our system would produce report form or set up report form that the industries need. For example, pre and post different report, it is
  • Repair Vulnerability & Patch Exposure
    The enterprises could dependent on the serious degree and distribution of vulnerability to do repair their hosts. You could repair more serious vulnerability quickly and repair less serious slowly. On the other hand, some vulnerability could not be repair by update and you should use management to limit its dangerous range
  • Rescan and Reexamine
    After finishing repairing vulnerability, you need to do reexamine. The main purpose of it is to sure the vulnerability be repaired correctly. You need to finish these seven steps to compete vulnerability assessment procedure.
About DragonSoft Security Associates, Inc.
DragonSoft Security Associates is a leading developer in Taiwan for network security software and an active contributor to network security education. Founded in 2002, DragonSoft offers vulnerability management olutions, including vulnerability assessment, System Security Management and intrusion prevention.