F-Secure Radar offers you complete control over vulnerability management.
It lets you:
- Map your true attack surface, before someone else does
- Measure yourself against PCI compliance
- Improve your security measures with easy management
- Get customized reports that fit your company’s needs
- Scale and adapt F-Secure Radar to your needs
- Use seamless API integration with 3rd party solutions
F-Secure Radar is a European solution that can be implemented on premise or be used from the cloud.
2. THERISK
ISHUGE
Sources:
1) AV Test
2) National Vulnerability Database
3) PwC, The Global State of Information Security® Survey 2015
Instances of
malware have
almost doubled
every year
since 2006 (1
On average,
19 new
vulnerabilities
emerge daily (2
In 2014, cyber
attacks reached
117,339
per day 3)
3. YOURCOMPANYIS
ATARGET
3
Sources:
1) Gartner
2) HP 2015 Cyber Risk Report
3) SANS Institute
4) National Vulnerability Database
75% of
attacks occur
at the
application
layer (1
86% of web
applications
have serious
security
issues (2
52% of the
issues are
long-known
Patch
deployment
is not
immediate (3
Third party
applications
amount to
80% of
vulnerabilities
(4
4. WHERE’S
THERISK?
4
Out-dated software
Misconfigured systems
Insecure web applications
Continuous vulnerability scanning
Strict vulnerability management
processes
Cover all your assets: Servers, desktops,
printers, routers, etc.
HOWTO
TACKLEIT?
8. 8
GET SMARTER ANALYSIS
Intuitive, browser based
graphical interface
Instant information
Sophisticated tools for
deeper analysis
STREAMLINE WORKFLOWS
Schedule automated
vulnerability scans
Monitor vulnerabilities
efficiently
GET THE BIG PICTURE
Map all your system assets
Get a total overview of the
current security level
GET IN CONTROL
Assign, follow and manage
security issues with your
system administrators,
software developers, testers,
auditors and security team
BETTER EVERY TIME
Continuously developed and
improved
Automatically updated
High quality vulnerability
checks and scanning engines
GET REPORTS THE WAY YOU
WANT THEM
Customizable reports with
reliable benchmarking
In the format you need
13. 13
F-SECURERADAR
DISCOVERYSCAN
F-Secure
Radar
Security
Center
• A fast and reliable port scanner
• Based on an asynchronous port scanning
techniques
• Fast host discovery mode (to be used on internal
networks)
• Supports service and operating system
detection
• Scan speed can be easily adjusted to suit your
network capacity
A scanning process that maps your whole
network and all its assets
F-Secure
Radar
Security
Center
14. 14
F-SECURERADAR
SYSTEMSCAN
F-Secure
Radar
Security
Center
• A platform scanner - able to identify known
vulnerabilities systems and software
• Capable of scanning any network device that talks IP
• Support authenticated scanning on Windows and Linux
• Low number of false positive and false negative
• Constantly kept up-to-date based on
- Public vulnerability databases such as National
Vulnerability Database and others
- Vulnerabilities discovered by our security
consultants
• Certified as a PCI ASV scanning tool
Identifies vulnerabilities associated with
configuration errors, improper patch
management, implementation oversights
etc.
F-Secure
Radar
Security
Center
15. 15
F-SECURERADAR
WEBSCAN
F-Secure
Radar
Security
Center
• A web application scanner - able to identify
vulnerabilities in custom applications
• Supports simple form-based authentication
• Supports assisted crawling (aka. recordings)
• Scalable to cover expanding needs
• Certified PCI ASV scanning tool
Tests for numerous web application
vulnerabilities
F-Secure
Radar
Security
Center
18. F-SECURERADAR
CLOUD
F-SECURE RADAR
SCAN NODE
18
PUBLICLY AVAILABLE
NETWORK
FIREWALL
WEB INTERFACE
LOCAL NETWORK
F-SECURE RADAR
SECURITY CENTER
• No limitations!
• Accessible from anywhere
• Always up-to-date
• Unlimited scan nodes included
• Tie our managed cyber security services
together with your F-Secure Radar solution
F-SECURE RADAR
SCAN NODE
19. 19
FIREWALL
LOCAl NETWORK
• Store your data in-house
• Deploy F-Secure Radar in isolated
environments
• Installed by F-Secure experts
• Scan nodes support two-way communication
- Initiated by scan node
- Initiated by F-Secure Radar Security Center
LOCAL ONSITE
SOLUTIONS
WEB INTERFACE
F-SECURERADAR
PRIVATE
F-SECURE RADAR
SCAN NODE
22. 22
• F-Secure Radar license required
• You define the scope and frequency
• Experts will regularly (monthly)
- Configure scans
- Review scan results
- Follow up on existing tickets
- Assign new tickets to system owners
- Deliver executive summary reports
- Attend quarterly status meeting
HOWITWORKS?
30. 30
F-SECURE
IN A ROW – BEST ENDPOINT
PROTECTION
www.f-secure.com/business
4YEARS
A recognized European vendor in
penetration testing, vulnerability
assessment, security consulting and training.
Developed by experts, based on years of
experience in the field.
Flexible development together with
customers.
A leading European cyber security specialist.
A LEADING EUROPEAN
CYBER SECURITY SPECIALIST
Editor's Notes
2) 26 percent of internal security teams took two to seven days to deploy patches to critical apps in use, while another 22 percent took eight to 30 days, and 14 percent needed 31 days to three months to deploy patches satisfactorily
WHERE’S THE RISK?
All listed items are not only the most common locations of vulnerabilities and weaknesses, but also items that F-Secure Radar System- and Web Scan is able to detect.
HOW TO TACKLE IT?
A one-time scan doesn't give the customers a lot. They have to run regular scans to stay on-top of things. Secondly, once you have detected a lot of vulnerabilities, it doesn't matter a lot, if you're not able to fix them – that's where our vulnerability management features in F-Secure Radar, perhaps combined with a managed service will help.
Scheduling
Our target customers always want to run scheduled scans. The scheduling feature is simply, but yet, it tells the difference between an Enterprise customer vs. a small customer (which is outside our focus area).
Vulnerability management
Imagine being a security manager. He run perhaps regular vulnerability scans, and receives a PDF report with findings on a regular basis. The findings is in a PDF file, that impossible to add notes, distribute across multiple people etc.
F-Secure Radar allow customers to store all vulnerability details in one place (F-Secure Radar). Manage the status of them (Confirmed, Pending, Accepted Risk, etc.). Add notes to the vulnerabilities. Consultants doing manual security assessments can even add their own vulnerabilities into F-Secure Radar.
Licensing
Compared to our competitors we're very strong. Our license model is very simple:
We provide unlimited amount of scans
We have everything included in one license model, no additional items, features, scan nodes etc. it needed
Many competitors have different pricing depending on internet facing and internal hosts – we don't
F-Secure Radar API
The primary purpose / use case for our is integrating F-Secure Radar with their existing, ticketing system or otherwise import/sync data with their internal systems. The API can of course also be used for more advanced tasks, such as automating various tasks. For example, add/remove hosts for scanning.
The usual workflow in F-Secure Radar
Discovery Scan: Detect all systems within your network range(s)
Scan all identified systems using System- and/or Web Scan
View and manage results by
Changing vulnerability status (confirmed, accepted risk, pending, false positive, etc.)
Add notes to vulnerabilities
Create tickets with a set of vulnerabilities, and assign someone to fix it
Generate reports based on custom settings, in the formats that suits you the best
Re-scan systems, either as a part of a scheduled scan routine, or because you want to verify that a fix as been implemented correctly
Map the attack surface, this refers to both Discovery Scan in terms of identifying all systems within a network range, but also as a result of getting full visibility into what is exposed on each individual system that has been scanned
Use F-Secure Radar to ensure you are complain with PCI (no medium/high-risk vulnerabilities) – or if you don't have to comply with PCI, it might still be interesting to measure yourself against the PCI DSS standard
Improve your security measures with easy management, refers to the vulnerability management capabilities F-Secure Radar has, including the built-in ticketing system
Generate reports that suite your needs
Scale and adapt, refers to the fact that F-Secure Radar can easily be scaled by adding more scan nodes. The scan nodes are also flexible, because they support two-way communication (not many competitors support that). Finally, the web interface (F-Secure Radar Security Center) is also designed to be able to handle thousands of systems
API integration with internal ticketing systems, SIEM solutions or similar
A key selling point. F-Secure Radar wraps three scanning tools into one unified interface, and provide similar look and feel for all reports you generate across all tools. You can even combine reports across different tools.
Customers might use multiple tools to handle platform and web application scanning, which generate different reports. With F-Secure Radar you get everything in one solution.
Brief overview of the F-Secure Radar Security Centre
Centralized reporting, multiple report formats (XML, Word, HTML, CSV…)
Great overview of all assets and ability to react fast on shellshock/heartbleed vulns.
Ticketing and VM (manage and priorities thousands of vulnerabilities)
API interface (integrate with other systems)
Add manual vulnerabilities (found from other assessment and important burp results)
Brief overview of the F-Secure Radar Security Centre
Centralized reporting, multiple report formats (XML, Word, HTML, CSV…)
Great overview of all assets and ability to react fast on shellshock/heartbleed vulns.
Ticketing and VM (manage and priorities thousands of vulnerabilities)
API interface (integrate with other systems)
Add manual vulnerabilities (found from other assessment and important burp results)
Brief overview of the F-Secure Radar Security Centre
Centralized reporting, multiple report formats (XML, Word, HTML, CSV…)
Great overview of all assets and ability to react fast on shellshock/heartbleed vulns.
Ticketing and VM (manage and priorities thousands of vulnerabilities)
API interface (integrate with other systems)
Add manual vulnerabilities (found from other assessment and important burp results)
Brief overview of the F-Secure Radar Security Centre
Centralized reporting, multiple report formats (XML, Word, HTML, CSV…)
Great overview of all assets and ability to react fast on shellshock/heartbleed vulns.
Ticketing and VM (manage and priorities thousands of vulnerabilities)
API interface (integrate with other systems)
Add manual vulnerabilities (found from other assessment and important burp results)
F-Secure Radar can be deployed in the cloud or hosted by the customer.
F-Secure Radar Cloud - is the preferred solution because:
F-Secure can easily access the system
Automatically deploy new updates to the user interface (vulnerability checks are always up-to-date)
To provide customer support
Combine it with managed services
F-Secure Radar can be accessed from anywhere, for example by the customer's partners
No backup, hosting or maintenance required - F-Secure takes care of it all
Even if you run in the cloud, you can still scan your internal systems, using internal scan nodes
F-Secure Radar Private
Is for those who is forced to store all data in-house
Is limited in terms of remote support
Require manual updates for the F-Secure Radar user interface
License cost is higher
F-Secure Radar can be deployed in the cloud or hosted by the customer.
F-Secure Radar Cloud - is the preferred solution because:
F-Secure can easily access the system
Automatically deploy new updates to the user interface (vulnerability checks are always up-to-date)
To provide customer support
Combine it with managed services
F-Secure Radar can be accessed from anywhere, for example by the customer's partners
No backup, hosting or maintenance required - F-Secure takes care of it all
Even if you run in the cloud, you can still scan your internal systems, using internal scan nodes
F-Secure Radar Private
Is for those who is forced to store all data in-house
Is limited in terms of remote support
Require manual updates for the F-Secure Radar user interface
License cost is higher
Based on our history of selling F-Secure Radar as a pure license, we often saw systems were misconfigured, left unused. The alternative that everything was setup and running, but the vulnerabilities were never fixes. This is where F-Secure Radar as a managed service comes into play. In short, its all about letting the customer focus on what they do best, and manage their systems as they do. We should not try to make them vulnerability scanning experts – instead we help them to drive the vulnerability management process, priorities what should be fixed first, follow up on reported issues (tickets).
This process will mean we will be an internal security advisor, we will have regular visibility in the organization, by delivering monthly reports to system owners and other stakeholders. We get in direct contact with many different departments and eventually we will create awareness around security.
The slide already describes the different tasks that is involved in a typical managed service. It is however very important to stress that the managed service should always be adapted to the customer's needs. For example, it might be they want to have a different graph in the monthly reports, then we will add that.
We might have to deliver tickets to a single person or take care of all the communication directly with their hosting provider, who is responsible for the platform layer etc.
These are the different areas within a organization that F-Secure Radar is able to complement.
MANAGE: Managers are able to follow their overall security level, generate reports, follow trends and use F-Secure Radar to keep an eye on how the internal security develops.
ENHANCE: Use F-Secure Radar to enhance the business. Ensure products doesn't go live without passing a security scan, get certified etc.
ASSESS: Use F-Secure Radar to measure yourself up against security standards such as PCI, let developers run scans and catch vulnerabilities and bugs at an early stage, before they reach production. Finally, if an incident should occur, F-Secure Radar can be an extremely helpful tool to quickly map the possible entry points of an attack.
F-Secure Radar is developed from the ground up by us. Many years back, we did rely on third-party scanning engines, but decided to change because we couldn't control the development. We wanted to implement changes fast, make vulnerability checks immediately once we vulnerabilities were announced to the public – and we can do this now.
Furthermore, we can also spare with our internal penetration testers. When a consultant have found a vulnerability in a product our customer is using, he has the ability to request new plugins (vulnerability checks) for the software he just assessed. Eventually, making F-Secure Radar a vulnerability scanning tool that is highly optimized to software often seen in enterprise environments.
Based on our history of selling F-Secure Radar as a pure license, we often saw systems were misconfigured, left unused. The alternative that everything was setup and running, but the vulnerabilities were never fixes. This is where F-Secure Radar as a managed service comes into play. In short, its all about letting the customer focus on what they do best, and manage their systems as they do. We should not try to make them vulnerability scanning experts – instead we help them to drive the vulnerability management process, priorities what should be fixed first, follow up on reported issues (tickets).
This process will mean we will be an internal security advisor, we will have regular visibility in the organization, by delivering monthly reports to system owners and other stakeholders. We get in direct contact with many different departments and eventually we will create awareness around security.