Vulnerability Scanning
PCI ASV Scanning
As well as being a requirement under the PCI DSS standard, automated scanning is a very useful tool. It is extremely cheap and offers a convenient way of performing regular, easy, quick error checks, e.g. after a firewall change a scan could be run to make sure a port hasn’t been opened by mistake. Once the Qualys ASV account has been created, for the period of a year, against the originally specified IPs (additional IPs will incur additional costs), unlimited scans can be run on request (please note, if consultancy services have been sold as part of the package there may be an additional charge). ASV is gross error checking: it is quick, easy, convenient and cheap.
Automated Internal Scan
It is extremely cheap and offers a convenient way of performing regular, easy, quick error checks, e.g. after a firewall change a scan could be run to make sure a port hasn't been opened by mistake. CNS recommend either monthly or quarterly scans; however, additional scans can be run on request (please note, scans are sold on a per-scan, per-IP basis, so additional charges will be incurred for additional scans). Automated scanning is gross error checking: it is quick, easy, convenient and cheap.
Comparison to Manual Testing
Automated scanning, whatever tool is used, is not perfect. It will miss complex issues, it will miss logic issues, and it will also generate false positives (it will identify issues as existing when in fact they do not exist). Manual testing relies on the technical understanding and instinct of the tester. Automated test results should always be considered carefully and ideally evaluated by a skilled technical resource.
Automated External Scan
An automated external scan offers a convenient way of performing regular, easy, quick error checks, e.g. after a firewall change a scan could be run to make sure a port hasn't been opened by mistake. CNS recommend either monthly or quarterly scans; however, additional scans can be run on request (please note, scans are sold on a per-scan, per-IP basis, so additional charges will be incurred for additional scans). Automated scanning is gross error checking: it is quick, easy, convenient and cheap.
Options
CNS can provide a number of options for automated scans.
Fully Managed - CNS will run the scans, review the reports, recommend remediation plans and offer technical advice.
Partially Managed - CNS will run the scans, briefly review the report, and be available for time-limited technical discussions.