4 Vulnerability Management Services to Choose From
Cloud-based vulnerability scanning services range from standalone scanning offerings to components of a broader set of managed security services. In this article we will consider four such services: WebSAINT, ImmuniWeb, BeyondSaaS and the Dell Secure Works Vulnerability Scanning service.
SAINT has a long history in vulnerability scanning and the WebSAINT and WebSAINT Pro vulnerability scanning services make the SAINT scanner available through a SaaS model. The WebSAINT service includes PCI ASV scans, vulnerability scanning on external targets, scheduling options as well as multiple reports. The WebSAINT Pro version includes penetration testing, checklist compliance, Web application scanning along with custom and predefined reports.
The services scan TCP and UDP ports on customer devices or networks. When an application with known security concerns is detected, a detailed analysis is performed and results are stored for later reporting. Either service can be used without installing local agents. Scans can be performed on demand or on a schedule.
The ImmuniWeb vulnerability assessment service from High-Tech Bridge takes a slightly different approach to scanning. The ImmuniWeb service uses both automated scanning and manual penetration testing to compile a report on your site's vulnerabilities. The process begins by registering your site with High-Tech Bridge and filling out an assessment questionnaire based on your requirements. The scan and penetration test are performed at an agreed-upon time and completed within 12 hours. The assessment report is reviewed by a quality assurance team at High-Tech Bridge before being sent to the customer.
ImmuniWeb reports include three or more remediation techniques for each identified vulnerability. One advantage of the human review is that auditors can suggest the most appropriate remediation technique, such as modifying Web application source code, revising the Web application firewall rules, or applying a vendor supplied patch.
The cost of an ImmuniWeb assessment is $639.
For organizations most concerned with maintaining the security of external devices, such as web servers and web applications, services such as BeyondTrust's BeyondSaaS might have the right combination of products. The company offers unlimited network scans, starting at $3,500 per year, as well as single web application assessments for $770 per application. The BeyondSaaS service includes assessments of network devices, operating systems, and ports while maintaining less than a 1 percent false positive rate. The web application scanning service detects SQL injection, cross-site scripting, cross-site request forgery, and operating system command injection vulnerabilities.
BeyondSaaS assessment reports include identified vulnerabilities and remediation suggestions. PCI compliance-oriented reports are also available.
Additional products for internal scanning are available from BeyondTrust and include Retina Network Security Scanner and Retina CS. A free version of the scanner, the Retina Network Community edition, provides basic assessment and reporting on up to 256 IP devices.
Dell Secure Works
While ImmuniWeb and SAINT offer basic scanning services, companies with complex security requirements may want to consider managed security services, such as Dell Secure Works. Dell's offering includes vulnerability scanning based on QualysGuard Vulnerability Management technology. The service includes scans of web servers, network devices, application servers, and databases in both on-premises and cloud deployments.
The QualysGuard vulnerability scanner is agentless and provides device discovery operations. The scanning services include regular updates to the vulnerability database, detailed reports including exploitability information, and zero-day threat intelligence. The Dell service includes a vulnerability management team, flexible reporting, and remediation workflows available through a service portal.
Dell's vulnerability scanning service is sufficient to comply with PCI, HIPAA, GLBA and NERC CIP requirements.