Vulnerability Management.
Internal vulnerability scanning and analysis

ReScan Internal – Internal vulnerability scanning as a service

A ReScan Internal analysis independently reveals whether your IT systems are vulnerable and easily accessible if a hacker gets on the inside of your network.

When an analysis is performed for the first time, it will form the baseline for all future actions and for many becomes an important management tool that provides a full overview of their vulnerability level.

The analysis is conducted by our security consultants and is based on the vulnerability scan of all your servers and a sample of your clients.

Reporting

Once the security consultant has completed the vulnerability scan or received scan data from your own scanner, they will interpret all data and prepare a detailed written report.

The report will be in two parts, a management summary that briefly describes your current IT security level in non-technical terms and then a technical section that describes the vulnerabilities found and most importantly, how to fix them and make a potential attack more difficult.

Get in touch with us below to receive a dummy report.

Why get assistance with internal vulnerability scanning?

Once a hacker has gained access to your internal network, it’s important to make it difficult for them to move on to other systems.
Hackers are often successful in gaining additional access to systems or gaining more rights due to vulnerable applications or misconfigurations.

With an internal vulnerability scan, these vulnerabilities are made visible and prioritized so you can get them fixed.

Vulnerability management is about maintaining good hygiene in the systems, but for most people, there are a lot of systems to consider on the inside of the firewall. It’s hard to find the time and resources to address all the vulnerabilities.

That’s why different organizations see opportunities in having part or all of this task solved as a service.

How we perform an internal vulnerability scan

A security consultant can come to you and perform the scan. However, several organizations have invested in a vulnerability scanner on the inside of their network. Here, we perform analyzes on scan data that they provide themselves, or we get remote access to use the scanner.

First, your network is scanned for active devices.
If a network is split between servers and clients, we recommend that both the servers and a selection of clients are examined.

For the most detailed results, the scan is performed with a user account that has administrative rights on the devices.

After the scan, an analysis and a report with a prioritized list is produced, explaining each vulnerability in easy-to-understand language.

Under each vulnerability there will be suggestions on how to fix them.

How often is an internal vulnerability scan performed?

The most common practice is to have the full analysis of all servers and about 10 percent of clients performed twice a year so that the vulnerabilities that have been detected can be fixed before the next scan.

If you have your own scanner, you may want to increase the frequency in order to quickly catch new vulnerabilities in the “high/critical” category and to scan selected critical systems more often than others.