Today, we’re going to talk a little about improving security scans as a precursor to our upcoming webinar with Qualys on Nov. 5 at 1:00 p.m. EST (register here).
Every network administrator spends part of their working hours checking their network for vulnerabilities. This may be done manually, but if using a tool, the most common type is a security scan.
For the most part, security scans examine your network from the outside looking in. They give you an idea of what an outside attacker might find when trying to break into your network. That, however, is only part the overall threats to your network. If an attacker gains access to an admin-level password, they will have a whole new, internal perspective of the network. Internal threats also need to be considered, such as employees that have network access but may be vengeful and angry, or may simply be less-than-careful and share their passwords with others or leave them lying around.
For these insider perspectives, a normal security scan looking at perimeter security will not provide useful information. Instead, you would need a scanning tool that can search inside your network to understand internal security holes and how easily someone with credentials could move within the network.
The QualysGuard cloud platform offers a variety of tools to secure your network, including authenticated scans. Unlike unauthenticated scans, which can only give the perspective of someone without credentials trying to break in from the outside, authenticated scanning allows you to search within your network. With authenticated scanning, your tool would have access to network credentials, allowing it to look for possible malware, registry problems, patch issues, incorrect software configurations and more.
Thycotic Software is partnered with QualysGaurd with an integration built so that credentials used for scanning are securely stored within Secret Server. The vulnerability scanning tool, such as QualysGuard, connects with Secret Server to gain credential access as needed. This enables teams to keep credentials secure and change passwords as needed with Secret Server, while ensuring the vulnerability scanning tool always has accurate credentials for authenticated scans.
Join our webinar on Nov. 5 at 1:00 p.m. EST to learn more about authenticated scanning and find out why America First, a national credit union, implemented authenticated scanning with QualysGuard and Secret Server. Sign up here.