Stop Looking for Vulnerabilities. Start Fixing Them with F-Secure Radar
•Download as PPTX, PDF•
6 likes•5,078 views
F-Secure Radar offers you complete control over vulnerability management. It lets you: - Map your true attack surface, before someone else does - Measure yourself against PCI compliance - Improve your security measures with easy management - Get customized reports that fit your company’s needs - Scale and adapt F-Secure Radar to your needs - Use seamless API integration with 3rd party solutions F-Secure Radar is a European solution that can be implemented on premise or be used from the cloud.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (17)
Similar to Stop Looking for Vulnerabilities. Start Fixing Them with F-Secure Radar
Similar to Stop Looking for Vulnerabilities. Start Fixing Them with F-Secure Radar (20)
More from F-Secure Corporation
More from F-Secure Corporation (18)
Recently uploaded
Recently uploaded (20)
Stop Looking for Vulnerabilities. Start Fixing Them with F-Secure Radar
- 1. STOP LOOKING FOR VULNERABILITIES. START FIXING THEM. F-Secure Radar
- 2. THERISK ISHUGE Sources: 1) AV Test 2) National Vulnerability Database 3) PwC, The Global State of Information Security® Survey 2015 Instances of malware have almost doubled every year since 2006 (1 On average, 19 new vulnerabilities emerge daily (2 In 2014, cyber attacks reached 117,339 per day 3)
- 3. YOURCOMPANYIS ATARGET 3 Sources: 1) Gartner 2) HP 2015 Cyber Risk Report 3) SANS Institute 4) National Vulnerability Database 75% of attacks occur at the application layer (1 86% of web applications have serious security issues (2 52% of the issues are long-known Patch deployment is not immediate (3 Third party applications amount to 80% of vulnerabilities (4
- 4. WHERE’S THERISK? 4 Out-dated software Misconfigured systems Insecure web applications Continuous vulnerability scanning Strict vulnerability management processes Cover all your assets: Servers, desktops, printers, routers, etc. HOWTO TACKLEIT?
- 5. MEET F-SECURERADAR 5 A VULNERABILITY MANAGEMENT SOLUTION THAT GIVES YOU THE TOOLS AND CONTROL TO MANAGE THE RISK
- 6. COMPLETE CONTROLOVER VULNERABILITY MANAGEMENT 6 From automated scan scheduling to verification scans Unlimited scans with one single license Flexible API for integration with your ticketing systems
- 7. THISIS F-SECURE RADAR 7 DISCOVERY map network assets SCAN systems & applications MANAGE priorities and assign system owners REPORT customizable for technicians and executives VERIFY rescan and spot changes
- 8. 8 GET SMARTER ANALYSIS Intuitive, browser based graphical interface Instant information Sophisticated tools for deeper analysis STREAMLINE WORKFLOWS Schedule automated vulnerability scans Monitor vulnerabilities efficiently GET THE BIG PICTURE Map all your system assets Get a total overview of the current security level GET IN CONTROL Assign, follow and manage security issues with your system administrators, software developers, testers, auditors and security team BETTER EVERY TIME Continuously developed and improved Automatically updated High quality vulnerability checks and scanning engines GET REPORTS THE WAY YOU WANT THEM Customizable reports with reliable benchmarking In the format you need
- 9. © F-Secure Confidential9 KEYBENEFITS TOYOU • Map your true attack surface before someone else does • Measure yourself against PCI compliance • Improve your security measures with easy management • Get customized reports that fit your company’s needs • Scale and adapt F-Secure Radar to your needs • Use seamless API integration with 3rd party solutions
- 10. RADAR FEATURES 10 DETECT AND MANAGE THOUSANDS OF ASSETS AND VULNERABILITIES IN ONE SOLUTION
- 11. Discovery Scan System Scan Web Scan F-Secure Radar Security Center 3 IN 1SCANNING SOLUTION
- 12. 12 F-SECURERADAR SECURITYCENTER F-Secure Radar Security Center F-Secure Radar Security Center • Centralized reporting with uniform look and feel • Vulnerability management and ticketing system • API interface • Add vulnerabilities manually • Portal in English
- 13. 13 F-SECURERADAR DISCOVERYSCAN F-Secure Radar Security Center • A fast and reliable port scanner • Based on an asynchronous port scanning techniques • Fast host discovery mode (to be used on internal networks) • Supports service and operating system detection • Scan speed can be easily adjusted to suit your network capacity A scanning process that maps your whole network and all its assets F-Secure Radar Security Center
- 14. 14 F-SECURERADAR SYSTEMSCAN F-Secure Radar Security Center • A platform scanner - able to identify known vulnerabilities systems and software • Capable of scanning any network device that talks IP • Support authenticated scanning on Windows and Linux • Low number of false positive and false negative • Constantly kept up-to-date based on - Public vulnerability databases such as National Vulnerability Database and others - Vulnerabilities discovered by our security consultants • Certified as a PCI ASV scanning tool Identifies vulnerabilities associated with configuration errors, improper patch management, implementation oversights etc. F-Secure Radar Security Center
- 15. 15 F-SECURERADAR WEBSCAN F-Secure Radar Security Center • A web application scanner - able to identify vulnerabilities in custom applications • Supports simple form-based authentication • Supports assisted crawling (aka. recordings) • Scalable to cover expanding needs • Certified PCI ASV scanning tool Tests for numerous web application vulnerabilities F-Secure Radar Security Center
- 18. F-SECURERADAR CLOUD F-SECURE RADAR SCAN NODE 18 PUBLICLY AVAILABLE NETWORK FIREWALL WEB INTERFACE LOCAL NETWORK F-SECURE RADAR SECURITY CENTER • No limitations! • Accessible from anywhere • Always up-to-date • Unlimited scan nodes included • Tie our managed cyber security services together with your F-Secure Radar solution F-SECURE RADAR SCAN NODE
- 19. 19 FIREWALL LOCAl NETWORK • Store your data in-house • Deploy F-Secure Radar in isolated environments • Installed by F-Secure experts • Scan nodes support two-way communication - Initiated by scan node - Initiated by F-Secure Radar Security Center LOCAL ONSITE SOLUTIONS WEB INTERFACE F-SECURERADAR PRIVATE F-SECURE RADAR SCAN NODE
- 21. © F-Secure Confidential21 Missing the big overview • What kind of action plan / recommendations should be delivered to the management? • What do we need the most right now? COMMONCUSTOMER CHALLENGES Lacking internal knowledge • Not enough knowledge about the vulnerabilities? • Troubles configuring the scans in an optimal way? • Overwhelmed by all the findings? Lacking the time or resources • No time to review results? • No time to delegate vulnerabilities to be corrected? • No time to follow up, re-scan and verify corrections?
- 22. 22 • F-Secure Radar license required • You define the scope and frequency • Experts will regularly (monthly) - Configure scans - Review scan results - Follow up on existing tickets - Assign new tickets to system owners - Deliver executive summary reports - Attend quarterly status meeting HOWITWORKS?
- 24. © F-Secure Confidential24 Security & Risk Assessment Security Advisory Compliance&SecurityImprovement Vulnerability Management Training & Security Culture End-Point Protection E-Mail & Web Traffic Scanning Central Security Management Forensics Incident Response Security Monitoring & Alerting PREDICT PREVENT DETECTRESPOND ANELEMENTOF HOLISTICCYBERSECURITY
- 25. F-SECURE RADARASAN INTEGRATED PARTOFYOUR BUSINESS SECURITY © F-Secure Confidential25 Security Improvement Program Security Management Incident Response Services Secure Software Development PCI Compliance Vulnerability Assessment PCI ASV Scans MANAGE ENHANCE ASSESS End-Point and Network Protection - the basis of every security strategy F-SECURE RADAR
- 26. • Select and analyze subsets of scans • Create, save and edit custom reports • Flexible and editable report formats to suit your needs Word and Excel reports Traditional CSV or XML reports Or access data using the F-Secure Radar API • Add notes to vulnerabilities • Change vulnerability state (Confirmed, Accepted risk, False positive..) • Add your own vulnerabilities HIGHLY CUSTOMISABLE REPORTINGCENTRE © F-Secure Confidential26
- 27. ANINTEGRALPARTOF YOUR PCICOMPLIANCE PROGRAM An approved PCI ASV scanning solution Validate your compliance Complement your Qualified Security Assessor (QSA) Vulnerability scans performed according to the PCI requirements Available for regular testing and for identifying newly discovered vulnerabilities Reporting tools to deliver the associated scanning reports © F-Secure Confidential27
- 28. DETAILS 28
- 29. © F-Secure Confidential29 Pricing • Based on the number of hosts/IPs scanned for vulnerabilities • License starts at min. 100 IPs • Choose monthly or yearly billing • Volume discounts F-SECURERADAR SIMPLEPRICINGMODEL Benefits • No feature limitations • Access to all scanning engines • Access to Karhu API • No hidden costs Benefits • Unlimited number of scan nodes • Unlimited number of scans against your licensed systems • Unlimited number of user accounts • No scanning restrictions
- 30. 30 F-SECURE IN A ROW – BEST ENDPOINT PROTECTION www.f-secure.com/business 4YEARS A recognized European vendor in penetration testing, vulnerability assessment, security consulting and training. Developed by experts, based on years of experience in the field. Flexible development together with customers. A leading European cyber security specialist. A LEADING EUROPEAN CYBER SECURITY SPECIALIST
Editor's Notes
- 2) 26 percent of internal security teams took two to seven days to deploy patches to critical apps in use, while another 22 percent took eight to 30 days, and 14 percent needed 31 days to three months to deploy patches satisfactorily
- WHERE’S THE RISK? All listed items are not only the most common locations of vulnerabilities and weaknesses, but also items that F-Secure Radar System- and Web Scan is able to detect. HOW TO TACKLE IT? A one-time scan doesn't give the customers a lot. They have to run regular scans to stay on-top of things. Secondly, once you have detected a lot of vulnerabilities, it doesn't matter a lot, if you're not able to fix them – that's where our vulnerability management features in F-Secure Radar, perhaps combined with a managed service will help.
- Scheduling Our target customers always want to run scheduled scans. The scheduling feature is simply, but yet, it tells the difference between an Enterprise customer vs. a small customer (which is outside our focus area). Vulnerability management Imagine being a security manager. He run perhaps regular vulnerability scans, and receives a PDF report with findings on a regular basis. The findings is in a PDF file, that impossible to add notes, distribute across multiple people etc. F-Secure Radar allow customers to store all vulnerability details in one place (F-Secure Radar). Manage the status of them (Confirmed, Pending, Accepted Risk, etc.). Add notes to the vulnerabilities. Consultants doing manual security assessments can even add their own vulnerabilities into F-Secure Radar. Licensing Compared to our competitors we're very strong. Our license model is very simple: We provide unlimited amount of scans We have everything included in one license model, no additional items, features, scan nodes etc. it needed Many competitors have different pricing depending on internet facing and internal hosts – we don't F-Secure Radar API The primary purpose / use case for our is integrating F-Secure Radar with their existing, ticketing system or otherwise import/sync data with their internal systems. The API can of course also be used for more advanced tasks, such as automating various tasks. For example, add/remove hosts for scanning.
- The usual workflow in F-Secure Radar Discovery Scan: Detect all systems within your network range(s) Scan all identified systems using System- and/or Web Scan View and manage results by Changing vulnerability status (confirmed, accepted risk, pending, false positive, etc.) Add notes to vulnerabilities Create tickets with a set of vulnerabilities, and assign someone to fix it Generate reports based on custom settings, in the formats that suits you the best Re-scan systems, either as a part of a scheduled scan routine, or because you want to verify that a fix as been implemented correctly
- Map the attack surface, this refers to both Discovery Scan in terms of identifying all systems within a network range, but also as a result of getting full visibility into what is exposed on each individual system that has been scanned Use F-Secure Radar to ensure you are complain with PCI (no medium/high-risk vulnerabilities) – or if you don't have to comply with PCI, it might still be interesting to measure yourself against the PCI DSS standard Improve your security measures with easy management, refers to the vulnerability management capabilities F-Secure Radar has, including the built-in ticketing system Generate reports that suite your needs Scale and adapt, refers to the fact that F-Secure Radar can easily be scaled by adding more scan nodes. The scan nodes are also flexible, because they support two-way communication (not many competitors support that). Finally, the web interface (F-Secure Radar Security Center) is also designed to be able to handle thousands of systems API integration with internal ticketing systems, SIEM solutions or similar
- A key selling point. F-Secure Radar wraps three scanning tools into one unified interface, and provide similar look and feel for all reports you generate across all tools. You can even combine reports across different tools. Customers might use multiple tools to handle platform and web application scanning, which generate different reports. With F-Secure Radar you get everything in one solution.
- Brief overview of the F-Secure Radar Security Centre Centralized reporting, multiple report formats (XML, Word, HTML, CSV…) Great overview of all assets and ability to react fast on shellshock/heartbleed vulns. Ticketing and VM (manage and priorities thousands of vulnerabilities) API interface (integrate with other systems) Add manual vulnerabilities (found from other assessment and important burp results)
- Brief overview of the F-Secure Radar Security Centre Centralized reporting, multiple report formats (XML, Word, HTML, CSV…) Great overview of all assets and ability to react fast on shellshock/heartbleed vulns. Ticketing and VM (manage and priorities thousands of vulnerabilities) API interface (integrate with other systems) Add manual vulnerabilities (found from other assessment and important burp results)
- Brief overview of the F-Secure Radar Security Centre Centralized reporting, multiple report formats (XML, Word, HTML, CSV…) Great overview of all assets and ability to react fast on shellshock/heartbleed vulns. Ticketing and VM (manage and priorities thousands of vulnerabilities) API interface (integrate with other systems) Add manual vulnerabilities (found from other assessment and important burp results)
- Brief overview of the F-Secure Radar Security Centre Centralized reporting, multiple report formats (XML, Word, HTML, CSV…) Great overview of all assets and ability to react fast on shellshock/heartbleed vulns. Ticketing and VM (manage and priorities thousands of vulnerabilities) API interface (integrate with other systems) Add manual vulnerabilities (found from other assessment and important burp results)
- F-Secure Radar can be deployed in the cloud or hosted by the customer. F-Secure Radar Cloud - is the preferred solution because: F-Secure can easily access the system Automatically deploy new updates to the user interface (vulnerability checks are always up-to-date) To provide customer support Combine it with managed services F-Secure Radar can be accessed from anywhere, for example by the customer's partners No backup, hosting or maintenance required - F-Secure takes care of it all Even if you run in the cloud, you can still scan your internal systems, using internal scan nodes F-Secure Radar Private Is for those who is forced to store all data in-house Is limited in terms of remote support Require manual updates for the F-Secure Radar user interface License cost is higher
- F-Secure Radar can be deployed in the cloud or hosted by the customer. F-Secure Radar Cloud - is the preferred solution because: F-Secure can easily access the system Automatically deploy new updates to the user interface (vulnerability checks are always up-to-date) To provide customer support Combine it with managed services F-Secure Radar can be accessed from anywhere, for example by the customer's partners No backup, hosting or maintenance required - F-Secure takes care of it all Even if you run in the cloud, you can still scan your internal systems, using internal scan nodes F-Secure Radar Private Is for those who is forced to store all data in-house Is limited in terms of remote support Require manual updates for the F-Secure Radar user interface License cost is higher
- Based on our history of selling F-Secure Radar as a pure license, we often saw systems were misconfigured, left unused. The alternative that everything was setup and running, but the vulnerabilities were never fixes. This is where F-Secure Radar as a managed service comes into play. In short, its all about letting the customer focus on what they do best, and manage their systems as they do. We should not try to make them vulnerability scanning experts – instead we help them to drive the vulnerability management process, priorities what should be fixed first, follow up on reported issues (tickets). This process will mean we will be an internal security advisor, we will have regular visibility in the organization, by delivering monthly reports to system owners and other stakeholders. We get in direct contact with many different departments and eventually we will create awareness around security.
- The slide already describes the different tasks that is involved in a typical managed service. It is however very important to stress that the managed service should always be adapted to the customer's needs. For example, it might be they want to have a different graph in the monthly reports, then we will add that. We might have to deliver tickets to a single person or take care of all the communication directly with their hosting provider, who is responsible for the platform layer etc.
- These are the different areas within a organization that F-Secure Radar is able to complement. MANAGE: Managers are able to follow their overall security level, generate reports, follow trends and use F-Secure Radar to keep an eye on how the internal security develops. ENHANCE: Use F-Secure Radar to enhance the business. Ensure products doesn't go live without passing a security scan, get certified etc. ASSESS: Use F-Secure Radar to measure yourself up against security standards such as PCI, let developers run scans and catch vulnerabilities and bugs at an early stage, before they reach production. Finally, if an incident should occur, F-Secure Radar can be an extremely helpful tool to quickly map the possible entry points of an attack.
- F-Secure Radar is developed from the ground up by us. Many years back, we did rely on third-party scanning engines, but decided to change because we couldn't control the development. We wanted to implement changes fast, make vulnerability checks immediately once we vulnerabilities were announced to the public – and we can do this now. Furthermore, we can also spare with our internal penetration testers. When a consultant have found a vulnerability in a product our customer is using, he has the ability to request new plugins (vulnerability checks) for the software he just assessed. Eventually, making F-Secure Radar a vulnerability scanning tool that is highly optimized to software often seen in enterprise environments.
- Based on our history of selling F-Secure Radar as a pure license, we often saw systems were misconfigured, left unused. The alternative that everything was setup and running, but the vulnerabilities were never fixes. This is where F-Secure Radar as a managed service comes into play. In short, its all about letting the customer focus on what they do best, and manage their systems as they do. We should not try to make them vulnerability scanning experts – instead we help them to drive the vulnerability management process, priorities what should be fixed first, follow up on reported issues (tickets). This process will mean we will be an internal security advisor, we will have regular visibility in the organization, by delivering monthly reports to system owners and other stakeholders. We get in direct contact with many different departments and eventually we will create awareness around security.