NTS Vulnerability Management

Security in IT is now playing a key role. These days, security incidences are among the most significant business risks for companies of all industrial sectors. This fact is caused, amongst other things, by the increasing number of threats. In addition, the impacts and potential damages during security incidences have noticeably increased as well. Therefore, it is now more than ever important to protect the intellectual property of a company and to ensure the operational readiness.

Potential threats can be detected at an early stage by means of preventative measures. Thus, the likelihood of an attack can be reduced or eliminated.

NTS Vulnerability Management continuously identifying security vulnerabilities and points out potential threats. This is a Managed Service that renders security early-detection measures, not to a singular affair but, to a constant service.

The vulnerabilities are analyzed and evaluated by our experts. By analyzing these weaknesses, recommendations regarding the necessary troubleshooting are voiced. Additionally, NTS customers receive information about vulnerabilities for which there is already a known way to exploit the weakness in existence.

The results are documented in concise reports including concrete recommendations for actions and they are discussed in regular meetings with the customer.

Depending on the group of recipients, the reports can be shaped differently – strategically, operationally or tactically. Only with this, the weakness analysis is institutionalized in the business. Additionally, an overview of the assets in the customer network is created by NTS within the framework of this service.

YOUR ADVANTAGES AT A GLANCE

Continuous identification and evaluation of software and configuration vulnerabilities
Categorization and risk analysis of weaknesses – basis for the definition of preventative measures
Reduction or elimination of potential threats
History and overview of vulnerabilities and potential threats
Support of governance, risk and compliance processes
Constant and transparent reports that are adapted to the target group
Dedicated vulnerability analyst
Avoidance of conflict of interests due to an independent, external view of the NTS experts

In order to keep up the pace with the times and to cover customer requirements in the best possible way, the service is constantly being developed further in the course of the continual service improvement. This includes amongst others: continuous meetings, reporting, a dedicated vulnerability analyst and the processing of recommended improvement measures.

This NTS security service is built modularly, and it provides a focused examination of web applications and the Active Directory environment – next to a regular check of weaknesses in the network infrastructure. Therefore, the NTS Vulnerability Management consists of three modules „Infrastructure“, „Web Application“ and „Active Directory“. Thus, the modules can be operated independently; however, the module „Infrastructure“ is recommended as a basis module. The modules „Web Application“ and „Active Directory“ can be added according to the requirements of the customer.

With Tenable, the market leader in vulnerability risk management solutions, weaknesses can be detected
and the (network) security can be increased. Tenable‘ s products are available on premise and in the cloud and are suitable for IT, web applications, IoT/OT and cloud.

Examples of weaknesses/risks that are identified during the analysis:

Weaknesses in the applied software, like for instance old IIS versions
Exploits that are still utilized years later, like for example WannaCry
Used protocols that are not considered secure such as SSL v3, TLS 1.0, SSH v1, SNMPv1/v2
Locating of open and potentially unsafe ports, such as Telnet, RDP, VNC

By all these measures, the risk of an attack can be minimized and the effectiveness of the measures that have been taken can be quantified – Relax, We Care.