Perimeter Scan

Scan your company internet presence for vulnerabilities.

Let's secure your perimeter.

Let's face it: if you aren't a multinational, you're not performing frequent scans on your perimeter. This means security weaknesses, misconfigurations and old software can creep into your portal to the internet.

Sure, professional products already exist for this. But they will cost you an arm and a leg and require a lot of time and technical expertise.
This is where we will make the change.

Current tools are either very expensive and quite difficult to use, requiring permanent security staff to monitor for and fix issues. venclave can offer an immense added value in the following cases;

Legacy systems still linger around your company network, exposing your newer infrastructure to gaps. Now is the time to do that upgrade and venclave can provide you with the necessary proof.

Setting up a fresh infrastructure can mean you're unfamiliar with a specific piece of infrastructure. This is where security issues can arise and where you need a check-up.

Sometimes, some things like SSL ciphers are just very hard to get right. We can function as a backup to ensure your configuration is done according to best practices.

Example scan results

SSL version 3.0 is detected
SSL/TLS Critical

SSL/TLS using version 3.0 is vulnerable to the so called POODLE attack. This allows a man-in-the-middle attack where an attacker can decrypt 1 byte after 256 requests. This can expose sensitive information to the attacker.

Read the documentation

Solution: Exclude the SSL protocol on your application server.

Vulnerable httpd/apache version detected
Patch Medium

The modules used in the apache/httpd HTTP web server software allow for multiple cross-site scripting vulnerabilities (XSS). This can make it possible for attackers to let your website visitors run their malicious javascript code.

Read the documentation

Solution: Upgrade apache/httpd to a recent version.

SSH on standard port 22 detected
Config Low

The SSH server is listening on the default port 22, which makes it easily recognizable. This will allow automated logion attempts performed by bots on the internet. Changing this to a random port will prevent a lot of automated attempts.

Read the documentation

Solution: Change the port to a custom one above 1024.

Todays requirements

Ideally you need an easy-to-use tool that offers you the information you need in a clear way. When vulnerabilities are found, you need a link to the technical documentation and a proposed way to proceed.

There will be loads of vulnerabilities, but most of them will probably be benign. Every vulnerability will need to contain tags telling you how serious it is and what it is about.

Only after the initial overview of everything that is detected, you can start fixing issues. But how are we going to follow-up these issues? For this we need a dashboard that will notify you how many issues have been fixed since the last scan.

All of these features will make your life a lot easier, and allow you to finally feel comfortable about security. There tools that do this, but they are not affordable at all.
Or maybe there is one?

Try our Perimeter Scan

Perimeter Scan

Let's secure your perimeter.

Example scan results

SSL version 3.0 is detected SSL/TLS Critical

Vulnerable httpd/apache version detected Patch Medium

SSH on standard port 22 detected Config Low

Todays requirements

SSL version 3.0 is detected
SSL/TLS Critical

Vulnerable httpd/apache version detected
Patch Medium

SSH on standard port 22 detected
Config Low