Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

RADAR - Le nouveau scanner de vulnérabilité par F-Secure

242 views

Published on

F-Secure RADAR lance sur le marché français un scanner de vulnérabilité puissant et accessible à la fois qui vous permettra d'identifier et contrôler les failles de sécurité sur l'ensemble de votre infrastructure.

Grâce à F-Secure RADAR :
-Cartographiez vos dispositifs et réseaux en temps réel.
-Comprenez le niveau de risque.
-Suivez automatiquement les évolutions des risques.
-Générez des rapports détaillés et personnalisés.

Testez la solution gratuitement pendant 1 mois !

Published in: Software
  • Be the first to comment

  • Be the first to like this

RADAR - Le nouveau scanner de vulnérabilité par F-Secure

  1. 1. F-Secure Radar STOPLOOKINGFOR VULNERABILITIES. STARTFIXINGTHEM.
  2. 2. THEPOTENTIALFOR RISKISHUGE 2 Sources: 1) AV Test 2) National Vulnerability Database 3) PwC, The Global State of Information Security® Survey 2015 Instances of malware have almost doubled every year since 2006 (1 On average 19 new vulnerabilities emerge daily (2 In 2014, cyber attacks reached 117,339 per day 3)
  3. 3. YOURCOMPANYIS ATARGET 3 Sources: 1) Gartner 2) HP 2015 Cyber Risk Report 3) SANS Institute 4) National Vulnerability Database 75% of attacks occur at the application layer (1 86% of web applications have serious security issues (2 52% of the issues are long-known Patch deployment is not immediate (3 Third party applications amount to 80% of vulnerabilities (4
  4. 4. WHERE’S THERISK? 4 1. Out-dated software 2. Misconfigured systems 3. Insecure web applications  Continuous vulnerability scanning  Strict vulnerability management processes  Cover all your assets: servers, desktops, printers, routers, etc. HOWTO TACKLEIT?
  5. 5. © F-Secure Confidential5 MEET F-SECURERADAR A VULNERABILITY MANAGEMENT SOLUTION THAT GIVES YOU THE TOOLS AND CONTROL TO MANAGE THE RISK
  6. 6. COMPLETECONTROL OVERVULNERABILITY MANAGEMENT 6 From automated scan scheduling to verification scans Unlimited scans with one single license Flexible API for integration with your ticketing systems
  7. 7. 7 THISIS F-SECURE RADAR DISCOVERY map network assets SCAN systems & applications MANAGE priorities and assign system owners REPORT customizable for technicians and executives VERIFY rescan and spot changes
  8. 8. 8 GET SMARTER ANALYSIS  Intuitive, browser based graphical interface  Instant information  Sophisticated tools for deeper analysis STREAMLINE WORKFLOWS  Schedule automated vulnerability scans  Monitor vulnerabilities efficiently GET THE BIG PICTURE  Map all your system assets  Get a total overview of the current security level GET IN CONTROL  Assign, follow and manage security issues with your system administrators, software developers, testers, auditors and security team BETTER EVERY TIME  Continuously developed and improved  Automatically updated  High quality vulnerability checks and scanning engines GET REPORTS THE WAY YOU WANT THEM  Customizable reports with reliable benchmarking  In the format you need
  9. 9. 9  Map your true attack surface, before someone else does  Measure yourself against PCI compliance  Improve your security measures with easy management  Get customized reports that fit your company’s needs  Scale and adapt F-Secure Radar to your needs  Use seamless API integration with 3rd party solutions KEYBENEFITS TOYOU
  10. 10. 10 FEATURES DETECT AND MANAGE THOUSANDS OF ASSETS AND VULNERABILITIES IN ONE SOLUTION
  11. 11. 11 Discovery Scan System Scan Web Scan F-Secure Radar Security Centre 3 IN 1SCANNING SOLUTION
  12. 12. F-SECURERADAR SECURITYCENTER 12  Centralized reporting with uniform look and feel  Vulnerability management and ticketing system  API interface  Add vulnerabilities manually  Portal in English F-Secure Radar Security Center
  13. 13. F-SECURERADAR DISCOVERYSCAN 13 Discovery Scan A scanning process that maps your whole network and all its assets  A fast and reliable port scanner  Based on an asynchronous port scanning techniques  Fast host discovery mode (to be used on internal networks)  Supports service and operating system detection  Scan speed can be easily adjusted to suit your network capacity
  14. 14. F-SECURERADAR SYSTEMSCAN 14 System Scan Identifies vulnerabilities associated with configuration errors, improper patch management, implementation oversights etc.  A platform scanner - able to identify known vulnerabilities systems and software  Capable of scanning any network device that talks IP  Support authenticated scanning on Windows and Linux  Low number of false positive and false negative (high accuracy)  Constantly kept up-to-date based on  Public vulnerability databases such as National Vulnerability Database and others  Vulnerabilities discovered by our security consultants  Certified as a PCI ASV scanning tool
  15. 15.  A web application scanner - able to identify vulnerabilities in custom applications  Supports simple form-based authentication  Supports assisted crawling (aka. recordings)  Scalable to cover expanding needs  Certified PCI ASV scanning tool F-SECURERADAR WEBSCAN 15 Web Scan Tests for numerous web application vulnerabilities
  16. 16. PICKYOUR PREFERRED IMPLEMENTATION 16
  17. 17. Runscansfromthecloudasa trueSaaSwithscannodeswithin theservice 17 Runasanon-sitesolution whereeverythingisbehindyour corporatefirewall F-SECURERADAR CLOUD F-SECURERADAR PRIVATE
  18. 18. F-SECURERADAR CLOUD 18 PUBLICLY AVAILABLE NETWORK FIREWALL F-SECURE RADAR SCAN NODE WEB INTERFACE LOCAL NETWORK F-SECURE RADAR SCAN NODE F-SECURE RADAR SECURITY CENTER  No limitations!  Accessible from anywhere  Always up-to-date  Unlimited scan nodes included  Tie our managed cyber security services together with your F-Secure Radar solution
  19. 19. F-SECURERADAR PRIVATE 19 FIREWALL F-SECURE RADAR SCAN NODE LOCAl NETWORK  Store your data in-house  Deploy F-Secure Radar in isolated environments  Installed by F-Secure experts  Scan nodes support two-way communication  Initiated by scan node  Initiated by F-Secure Radar Security Centre LOCAL ONSITE SOLUTIONS WEB INTERFACE
  20. 20. ASASERVICE 20
  21. 21. LetexpertsrunF-SecureRadarforyou togetthebestoutofthesolution 21 F-SECURERADAR ASASERVICE
  22. 22. 22 Lacking the time or resources to manage your vulnerability management solution?  No time to review results?  No time to delegate vulnerabilities to be corrected?  No time to follow up, re-scan and verify corrections? Missing the big overview?  What action plan / recommendations should be delivered to the management?  What do we need the most right now? Lacking the internal knowledge how to drive a vulnerability scanning solution?  Not enough knowledge about the vulnerabilities?  Troubles configuring the scans in an optimal way?  Overwhelmed by all the findings? Lacking the time or resources  No time to review results?  No time to delegate vulnerabilities to be corrected?  No time to follow up, re-scan and verify corrections? Lacking the internal knowledge  Not enough knowledge about the vulnerabilities?  Troubles configuring the scans in an optimal way?  Overwhelmed by all the findings? Missing the big overview  What action plan / recommendations should be delivered to the management?  What do we need the most right now? COMMONCUSTOMER CHALLENGES
  23. 23. HOWITWORKS? 23  F-Secure Radar license required  You define the scope and frequency  Experts will regularly (monthly)  Configure scans  Review scan results  Follow up on existing tickets  Assign new tickets to system owners  Deliver executive summary reports  Attend quarterly status meeting
  24. 24. F-SECURERADAR ASPARTOF CYBERSECURITY 24
  25. 25. 25 Security & Risk Assessment Security Advisory Compliance&SecurityImprovement Vulnerability Management Training & Security Culture End-Point Protection E-Mail & Web Traffic Scanning Central Security Management Forensics Incident Response Security Monitoring & Alerting PREDICT PREVENT DETECTRESPOND ANELEMENTOF HOLISTICCYBERSECURITY F-Secure Radar
  26. 26. HIGHLYCUSTOMISABLE REPORTINGCENTRE 26  Select and analyze subsets of scans  Create, save and edit custom reports  Flexible and editable report formats to suit your needs  Word and Excel reports  Traditional CSV or XML reports  Or access data using the F-Secure Radar API  Add notes to vulnerabilities  Change vulnerability state (Confirmed, Accepted risk, False positive..)  Add your own vulnerabilities
  27. 27. ANINTEGRALPARTOF YOURPCICOMPLIANCE PROGRAM 27  An approved PCI ASV scanning solution  Validate your compliance  Complement your Qualified Security Assessor (QSA)  Vulnerability scans performed according to the PCI requirements  Available for regular testing and for identifying newly discovered vulnerabilities  Reporting tools to deliver the associated scanning reports
  28. 28. DEVELOPED BYnSense 28 IN A ROW – BEST ENDPOINT PROTECTION 4YEARS NOWPARTOF F-SECURE A recognized European vendor in penetration testing, vulnerability assessment, security consulting and training. A leading European cyber security specialist. Developed by experts, based on years of experience in the field. Flexible development together with customers.
  29. 29. 29 Lacking the time or resources to manage your vulnerability management solution?  No time to review results?  No time to delegate vulnerabilities to be corrected?  No time to follow up, re-scan and verify corrections? Missing the big overview?  What action plan / recommendations should be delivered to the management?  What do we need the most right now? Lacking the internal knowledge how to drive a vulnerability scanning solution?  Not enough knowledge about the vulnerabilities?  Troubles configuring the scans in an optimal way?  Overwhelmed by all the findings? SIMPLE PRICING MODEL Benefits  Unlimited number of scan nodes  Unlimited number of scans against your licensed systems  Unlimited number of user accounts  No scanning restrictions Benefits  No feature limitations  Access to all scanning engines  Access to Karhu API  No hidden costs Pricing  Based on the number of hosts/IPs scanned for vulnerabilities  License starts at min. 100 IPs  Choose monthly or yearly billing  Volume discounts

×