SecuScan's Vulnerability Assessment Management System (VAM)

SecuScan is an automated Vulnerability Assessment Management System (VAM) that was developed to provide the end user with a comprehensive daily report on the security status of mission critical networks devices, web and application servers.

SecuScan is available for use on both External and Internal networks. SecuScan utilizes its own proprietary technology in combination with several other world class technologies to pinpoint vulnerabilities before hackers do. SecuScan's report identifies the issues, explains the risk associated, and provides a solution to the problem with no guess work necessary.

SecuScan was designed for ease of use and understanding, as well as price competitiveness, making security affordable for all.

If you have web presence, then security is not optional. For affordable price you get peace of mind every day.

Interested in trying it out? Take a moment to fill out our online request form to have your systems assessed.

SecuScan Features

Reliability

The team of engineers that brings you SecuScan consists of some of the world's top level security professionals from the United States, Canada, Japan, Russia and around the world. They have provided thousands of external and internal security audits around the globe and are very familiar with the requirements of small corporations to large enterprise ones. Since the SecuScan team researches exploits and vulnerabilities on a daily basis, you are assured of the most up to date protection possible.

World Wide Accepted Testing Standards

SecuScan testing systems are based on standards and criteria developed by the world's top security organizations such as the National Security Agency (NSA), the Computer Security Institute (CSI), the Federal Bureau of Investigation (FBI) and SANS Institute.

Professionally Developed

SecuScan was designed for ease of use and understanding, as well as price competitiveness. SecuScan is has been developed by certified Security Professionals that possess the CISSP, CISM, CISA, and CHS-III certifications.

SecuScan's testing systems are located in Canada, Japan and in China

SecuScan uses testing systems that are located in Canada, Japan and in China that are continuously monitored and updated by security professionals.

Updated vulnerability information

The vulnerability information, which SecuScan uses to conduct its scans, is collected from various sources all over the world. This information is collected then analyzed and updated to cover the most recent security threats.

Cost effective service

Security does not have to come with a high price tag. SecuScan provides a high quality service with a modest cost. By using SecuScan, you can protect your valuable information assets with a modest investment.

Flexibility

Easily separate the levels of vulnerabilities by Informational, Low, Medium, High, Urgent, and Critical to quickly address and prioritize the vulnerabilities.

View your report in HTML or PDF formats for ease of distribution to peers and management and for presentation purposes.

View your reports from anywhere via the secured log in site.

Track vulnerability trends within your network to prevent future ones from occurring.

View visual graphs showing current and past vulnerabilities as well as new and remediated vulnerabilities.

Save reports to PDF format.

Highlights

SecuScan identifies "both" network "and" web application vulnerabilities

Most services only offer port scanning, which is a rather simple automated check. Unfortunately, many vulnerabilities and exploits that allow intrusion or access valuable corporate information are found in web applications. These are the most difficult to discover, but for a hacker the most desired. SecuScan will identify both, and will present the results in one simple report that is easy to comprehend. With the vulnerability identified, the cause, the level of urgency, the associated risk, and the solution, there is no reason to hire outside help that incur additional costs.

Determine Security Requirements

Good security has a lot to do with good processes. SecuScan can assist you to determine what policies or processes should be followed by looking at the report and determining which ports are open or closed or which services are running that be may be leaving your system exposed to risk. Once you know the associated risk, you can then put policies in place that will help you safe guard your networks and dramatically reduce the risk of attack or being exploited.

Document Compliance

Many third party regulations are requiring organizations to show due diligence. SecuScan reports can be easily produced to indicate to internal or external auditors that you are taking reasonable security precautions.

Justify Spending

By using SecuScan, you can justify to management that you have mitigated serious vulnerabilities over the course of time. Thus you can prove that it is money well spent, money that would far outweigh the costs of a security breach.

Improve Cost Control

Vulnerabilities found over many sites or many devices may indicate a certain common security weakness across the enterprise. The SecuScan report gives you a close-up look at your external computing environment which will help to identify the weakness and mitigate it. This kind of insight is invaluable in selecting appropriate security products and services that are truly required and to eliminate ones that are not.

Risk Management

By being proactive and identifying security problems before they're exploited, you create an opportunity to significantly lower the risk and the potential cost of a security breach. It's no secret that it's less costly to deal with security before serious problems arise than it is to deal with it during a crisis or incident recovery.

Eliminate Surprises

No matter how good your security is there is bound to be a new exploit, a zero day exploit, or simply a process or an employee error. SecuScan adds new findings daily. Thus when a scan is performed you can be sure you are being tested using the most recent information and technology available.

Technology Features

General Scanning

  • Dynamic TCP and UDP Scan
  • ICMP Scan
  • Potential Denial of Service (DoS) Test
  • Operating System (OS) Fingerprinting
  • Scan Scheduling Support

Network Vulnerability Testing

  • Backdoor Detection
  • Default Password Testing
  • Domain Name System (DNS) Server Testing
  • File Transfer Protocol (FTP) Server Testing
  • Firewall Testing
  • Simple Mail Transfer Protocol (SMTP) Server Testing
  • Network File System (NFS) Server Testing
  • Remote Procedure Call (RPC) Testing
  • Server Message Block (SMB)/NetBIOS Testing
  • Simple Network Management Protocol (SNMP) Testing
  • Database (DB) Server Testing
  • *NIX Vulnerability Testing
  • Windows Vulnerability Testing
  • Other General Network Vulnerability Testing

Web Application Vulnerability Testing

  • Common Gateway Interface (CGI) Vulnerability Test
  • Cross Site Scripting (XSS) Detection
  • Directory Transversal/Enumeration
  • Form Presence Testing
  • Web Server (HTTP) Vulnerability Testing
  • General Web Application Vulnerability Testing
  • Parameter Manipulation Testing
  • SQL Injection Testing (Blind/Regular)
  • BASIC Authentication Password Protected Sites
  • Form Based Authentication Password Protected Sites
  • SSL Certificate Authentication
  • HTTP Response Splitting Testing
  • Command Injection Testing
  • Session Vulnerability Testing
  • CSRF Vulnerability Testing
  • JavaScript Page Support
  • Full Crawl/Parameter Logs Available on Request
  • IP Version 6 (IPv6) Scanning Support
  • Scan Scenario Creation

Product Differentiation

  • SecuScan is differentiated from other scanning products and services because we offer a solution that is the same or of superior quality as other products but that is priced 2 and 3 times more expensive than ours product.
  • SecuScan’s user interface and full reporting is easily understood by technicians of all levels
  • SecuScan is simple to set up and deploy
  • SecuScan can be rebranded to be resold as another named product or to be used internally throughout a worldwide organization
  • SecuScan is modular in design
  • Intelligent Reporting
  • Web vulnerabilities and Network vulnerabilities are separated in the report for ease of understanding
  • Archived Reports
  • Multilingual Capable
  • Version update support
  • Customizable Scan times
  • SecuScan checks the security of servers: Web, DNS, Mail, Database, File Servers etc.
  • Network devices: Routers, IDS, Firewalls, File servers, Gateways, etc.
  • Web sites: Dynamic Web Sites (Database Integrated Web Applications)
  • Unique vulnerability ID number is assigned to every single vulnerability
  • Hot links and URLs are imbedded to the report body for ease of downloading updates, patches etc (where required)