Our computers will now have to install anti-virus software, such as Rising, Kingsoft and Kaspersky, we will install a kind of malware killing or a rogue piece of software, such as 360 security guards, Jinshan guards, Super Rabbit, etc., O The goal is to prevent Trojans, vulnerabilities, malicious attacks on computers, confidential access and harassment of information.

Again, the problem now extends to the network, if there is such software can help IT companies or the network management team, always or frequently find and identify vulnerabilities in the LAN? The answer is yes, it is known as Software Vulnerability Assessment (VA). Users also shout, "I do not want to be the next company to be black!" So how do we know where the real threat today is, what do we want to explore today 's theme?

In what security is the vulnerability assessment focused?

The combination of vulnerability management, penetration testing, and risk identification can greatly reduce the risk in systems and networks of users. When developing vulnerability discovery techniques, "think like an attacker." Because the attacker will look for any gaps in the user's defense, from the most common places we find weaknesses in the system.

· Network security

Ensure that all network systems and devices have been properly tested for possible vulnerabilities and incorrect configurations to minimize security risks.

· Database security

Ensure the security of database users, one is to prevent the invasion of illegal workers, the second is to ensure that the database is properly configured to meet the specification requirements.

· Web application security

Similar to preventing a serious threat, such as SQL injection and cross-site scripting (CSS / XSS), to protect the user's web and Web application server applications (including Adobe Flash applications).

· Virtualization security

Because the user infrastructure is growing rapidly, and need to continue to find new asset classification and then scan and trace virtual assets, the new additional risk to the user a visual alarm.

· Security Configuration Assessment

system configuration and network vulnerability scanning, evaluation documents can be generated, can be used for internal and external audit, supporting user's IT defense.

· Penetration test and risk identification

Identify proven security threats, identify risk vulnerabilities in user systems, and implement effective risk solutions.

Users are advised to use a closed loop security intelligence solution in conjunction with penetration testing and vulnerability management methods. Taking into account the security program to easily integrate with existing IT infrastructure, to help users quickly identify the biggest threat, to provide efficient security solutions to help customers achieve the standard specifications set by the company.

What benefits can users get with vulnerability assessment software?

· Protect IT infrastructure and corporate assets

Today's cybercriminals are more embarrassing than ever. Theft could pose a huge threat to user fabrication and business interests, user security policies and establishing effective measures to ensure the safety of the operation of the business.

· Measurement and risk reduction

Safety assessment and assessment must be carried out in advance and continuously. The use of an intelligent closed circuit security solution can reduce and prevent the occurrence of risks. Security Intelligence uses four parameters to measure and measure risk: exposure, probability, impact, and mitigation.

· Improve the efficiency of your IT and security teams

Security teams and network operations have time and budget constraints. Through automation and prioritization, correction according to the team's priority of corrective measures to complete the patch can be downloaded corrects the vulnerability, correct the error correction, the whole enterprise to improve productivity.

· Protect the user's virtual environment

Policies, procedures, and security features for virtual environments protect users' investments in virtual devices. Ensure that users benefit from virtualization instead of adding complexity.

What manufacturers or products exist in the market now?

· McAfee

McAfee is a purely secure provider with a wide range of products, from network security to desktop security. Intel announced plans to acquire McAfee in 2010 and c

to complete the acquisition in February 2011. McAfee is now a wholly owned subsidiary of Intel Corporation and will continue to develop security products under the McAfee brand. McAfee Vulnerability Manager (MVM) is an already released software that provides users with a management tool or service. The MVM can be integrated with other McAfee products, such as the ePolicy Orchestrator (ePO) console.

· Circle

Suite 360 ​​vulnerability management products including IP360 engine vulnerability scanning, WebApp360 application scanners, Intelligence Center, Configuration Manager and File Monitor. The services provided include an external PCI scan and a surrounding scanning service. The nCircle kit component has a variety of software, appliances, virtual appliances, and service-based configurations that can be used together.

· Qualys

Qualys Security Guard and suite compliance is entirely based on the service, released by the host Qualys Peripheral Scan scan engine and internal verification tool released by the premise. vulnerability report, content of the default configuration template update, all software and update scan engine, by Qualys automatically. Customers manage their own scans, reports, and workflows through a web-based portal. In August 2010, Qualys acquired Nemean Networks to enhance the company's ability to research threats in real-time.

· Rapid7

NeXpose scanning vulnerability assessment products can be provided in various ways: software, equipment, virtual appliances, portable computers / mobile devices and management services. Customers can mix these products and service components together. Rapid7 acquired the open source framework penetration testing engine Metasploit in 2009 and launched its commercial version in 2010. Rapid7 is an application and vulnerability database of leading vendors evaluation, is committed to identify and determine the vulnerability, the new Metasploit technology to improve the competitiveness of products.

In addition to the above described four products as well as Security, Critical Watch, Digital Defense, eEye Digital Security, Lumension Security, Saint, StillSecure, Tenable Network Security, Trustwave other manufacturers or products.

In what areas does the vulnerability assessment focus?

· Energy and infrastructure

Protect energy, communications, transportation, houses, buildings, etc. of attacks.

· Banks and finances

Protect personal financial and property data.

· Government department

Prevent the theft and loss of critical and sensitive information from countries and governments.

· Cheers

Protect the health of employees, customers and patients.

· Company

Ensure the normal operation of the company's business and protect the business secrets and assets of the company's equipment.

· Business

Protect customer's personal financial data and property damage to the business unit.

In short, for system and network vulnerabilities "to plan ahead" with vulnerability assessment technology, identify early problems and solve problems in advance to ensure that our society runs smoothly.

-