Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

F secure Radar vulnerability scanning and management

4,191 views

Published on

F-Secure Radar offers you complete control over vulnerability management.
It lets you:
- Map your true attack surface, before someone else does
- Measure yourself against PCI compliance
- Improve your security measures with easy management
- Get customized reports that fit your company’s needs
- Scale and adapt F-Secure Radar to your needs
- Use seamless API integration with 3rd party solutions
F-Secure Radar is a European solution that can be implemented on premise or be used from the cloud.

Published in: Technology
  • Be the first to comment

F secure Radar vulnerability scanning and management

  1. 1. STOP LOOKING FOR VULNERABILITIES. START FIXING THEM. F-Secure Radar
  2. 2. THERISK ISHUGE Sources: 1) AV Test 2) National Vulnerability Database 3) PwC, The Global State of Information Security® Survey 2015 Instances of malware have almost doubled every year since 2006 (1 On average, 19 new vulnerabilities emerge daily (2 In 2014, cyber attacks reached 117,339 per day 3)
  3. 3. YOURCOMPANYIS ATARGET 3 Sources: 1) Gartner 2) HP 2015 Cyber Risk Report 3) SANS Institute 4) National Vulnerability Database 75% of attacks occur at the application layer (1 86% of web applications have serious security issues (2 52% of the issues are long-known Patch deployment is not immediate (3 Third party applications amount to 80% of vulnerabilities (4
  4. 4. WHERE’S THERISK? 4  Out-dated software  Misconfigured systems  Insecure web applications  Continuous vulnerability scanning  Strict vulnerability management processes  Cover all your assets: Servers, desktops, printers, routers, etc. HOWTO TACKLEIT?
  5. 5. MEET F-SECURERADAR 5 A VULNERABILITY MANAGEMENT SOLUTION THAT GIVES YOU THE TOOLS AND CONTROL TO MANAGE THE RISK
  6. 6. COMPLETE CONTROLOVER VULNERABILITY MANAGEMENT 6 From automated scan scheduling to verification scans Unlimited scans with one single license Flexible API for integration with your ticketing systems
  7. 7. THISIS F-SECURE RADAR 7 DISCOVERY map network assets SCAN systems & applications MANAGE priorities and assign system owners REPORT customizable for technicians and executives VERIFY rescan and spot changes
  8. 8. 8 GET SMARTER ANALYSIS  Intuitive, browser based graphical interface  Instant information  Sophisticated tools for deeper analysis STREAMLINE WORKFLOWS  Schedule automated vulnerability scans  Monitor vulnerabilities efficiently GET THE BIG PICTURE  Map all your system assets  Get a total overview of the current security level GET IN CONTROL  Assign, follow and manage security issues with your system administrators, software developers, testers, auditors and security team BETTER EVERY TIME  Continuously developed and improved  Automatically updated  High quality vulnerability checks and scanning engines GET REPORTS THE WAY YOU WANT THEM  Customizable reports with reliable benchmarking  In the format you need
  9. 9. © F-Secure Confidential9 KEYBENEFITS TOYOU • Map your true attack surface before someone else does • Measure yourself against PCI compliance • Improve your security measures with easy management • Get customized reports that fit your company’s needs • Scale and adapt F-Secure Radar to your needs • Use seamless API integration with 3rd party solutions
  10. 10. RADAR FEATURES 10 DETECT AND MANAGE THOUSANDS OF ASSETS AND VULNERABILITIES IN ONE SOLUTION
  11. 11. Discovery Scan System Scan Web Scan F-Secure Radar Security Center 3 IN 1SCANNING SOLUTION
  12. 12. 12 F-SECURERADAR SECURITYCENTER F-Secure Radar Security Center F-Secure Radar Security Center • Centralized reporting with uniform look and feel • Vulnerability management and ticketing system • API interface • Add vulnerabilities manually • Portal in English
  13. 13. 13 F-SECURERADAR DISCOVERYSCAN F-Secure Radar Security Center • A fast and reliable port scanner • Based on an asynchronous port scanning techniques • Fast host discovery mode (to be used on internal networks) • Supports service and operating system detection • Scan speed can be easily adjusted to suit your network capacity A scanning process that maps your whole network and all its assets F-Secure Radar Security Center
  14. 14. 14 F-SECURERADAR SYSTEMSCAN F-Secure Radar Security Center • A platform scanner - able to identify known vulnerabilities systems and software • Capable of scanning any network device that talks IP • Support authenticated scanning on Windows and Linux • Low number of false positive and false negative • Constantly kept up-to-date based on - Public vulnerability databases such as National Vulnerability Database and others - Vulnerabilities discovered by our security consultants • Certified as a PCI ASV scanning tool Identifies vulnerabilities associated with configuration errors, improper patch management, implementation oversights etc. F-Secure Radar Security Center
  15. 15. 15 F-SECURERADAR WEBSCAN F-Secure Radar Security Center • A web application scanner - able to identify vulnerabilities in custom applications • Supports simple form-based authentication • Supports assisted crawling (aka. recordings) • Scalable to cover expanding needs • Certified PCI ASV scanning tool Tests for numerous web application vulnerabilities F-Secure Radar Security Center
  16. 16. PICKYOUR PREFERREDWAYOF IMPLEMENTATION 16
  17. 17. 17 Runasanon-sitesolution whereeverythingisbehindyour corporatefirewall F-SECURERADAR CLOUD F-SECURERADAR PRIVATE Runscansfromthecloudasatrue SaaSwithscannodeswithinthe service
  18. 18. F-SECURERADAR CLOUD F-SECURE RADAR SCAN NODE 18 PUBLICLY AVAILABLE NETWORK FIREWALL WEB INTERFACE LOCAL NETWORK F-SECURE RADAR SECURITY CENTER • No limitations! • Accessible from anywhere • Always up-to-date • Unlimited scan nodes included • Tie our managed cyber security services together with your F-Secure Radar solution F-SECURE RADAR SCAN NODE
  19. 19. 19 FIREWALL LOCAl NETWORK • Store your data in-house • Deploy F-Secure Radar in isolated environments • Installed by F-Secure experts • Scan nodes support two-way communication - Initiated by scan node - Initiated by F-Secure Radar Security Center LOCAL ONSITE SOLUTIONS WEB INTERFACE F-SECURERADAR PRIVATE F-SECURE RADAR SCAN NODE
  20. 20. 20 F-SECURERADAR ASASERVICE LETEXPERTSRUNF-SECURERADARFORYOU TOGETTHEBESTOUTOFTHESOLUTION
  21. 21. © F-Secure Confidential21 Missing the big overview • What kind of action plan / recommendations should be delivered to the management? • What do we need the most right now? COMMONCUSTOMER CHALLENGES Lacking internal knowledge • Not enough knowledge about the vulnerabilities? • Troubles configuring the scans in an optimal way? • Overwhelmed by all the findings? Lacking the time or resources • No time to review results? • No time to delegate vulnerabilities to be corrected? • No time to follow up, re-scan and verify corrections?
  22. 22. 22 • F-Secure Radar license required • You define the scope and frequency • Experts will regularly (monthly) - Configure scans - Review scan results - Follow up on existing tickets - Assign new tickets to system owners - Deliver executive summary reports - Attend quarterly status meeting HOWITWORKS?
  23. 23. F-SECURERADAR ASPARTOF CYBERSECURITY 23
  24. 24. © F-Secure Confidential24 Security & Risk Assessment Security Advisory Compliance&SecurityImprovement Vulnerability Management Training & Security Culture End-Point Protection E-Mail & Web Traffic Scanning Central Security Management Forensics Incident Response Security Monitoring & Alerting PREDICT PREVENT DETECTRESPOND ANELEMENTOF HOLISTICCYBERSECURITY
  25. 25. F-SECURE RADARASAN INTEGRATED PARTOFYOUR BUSINESS SECURITY © F-Secure Confidential25 Security Improvement Program Security Management Incident Response Services Secure Software Development PCI Compliance Vulnerability Assessment PCI ASV Scans MANAGE ENHANCE ASSESS End-Point and Network Protection - the basis of every security strategy F-SECURE RADAR
  26. 26. • Select and analyze subsets of scans • Create, save and edit custom reports • Flexible and editable report formats to suit your needs  Word and Excel reports  Traditional CSV or XML reports  Or access data using the F-Secure Radar API • Add notes to vulnerabilities • Change vulnerability state (Confirmed, Accepted risk, False positive..) • Add your own vulnerabilities HIGHLY CUSTOMISABLE REPORTINGCENTRE © F-Secure Confidential26
  27. 27. ANINTEGRALPARTOF YOUR PCICOMPLIANCE PROGRAM  An approved PCI ASV scanning solution  Validate your compliance  Complement your Qualified Security Assessor (QSA)  Vulnerability scans performed according to the PCI requirements  Available for regular testing and for identifying newly discovered vulnerabilities  Reporting tools to deliver the associated scanning reports © F-Secure Confidential27
  28. 28. DETAILS 28
  29. 29. © F-Secure Confidential29 Pricing • Based on the number of hosts/IPs scanned for vulnerabilities • License starts at min. 100 IPs • Choose monthly or yearly billing • Volume discounts F-SECURERADAR SIMPLEPRICINGMODEL Benefits • No feature limitations • Access to all scanning engines • Access to Karhu API • No hidden costs Benefits • Unlimited number of scan nodes • Unlimited number of scans against your licensed systems • Unlimited number of user accounts • No scanning restrictions
  30. 30. 30 F-SECURE IN A ROW – BEST ENDPOINT PROTECTION www.f-secure.com/business 4YEARS A recognized European vendor in penetration testing, vulnerability assessment, security consulting and training. Developed by experts, based on years of experience in the field. Flexible development together with customers. A leading European cyber security specialist. A LEADING EUROPEAN CYBER SECURITY SPECIALIST

×