![](https://static.wixstatic.com/media/8075ef_f45c7160e9874a01acbdd4770455c9dd~mv2.jpg/v1/fill/w_2102,h_651,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/8075ef_f45c7160e9874a01acbdd4770455c9dd~mv2.jpg)
![](https://static.wixstatic.com/media/8075ef_75e354ee25384a93bc0bb01985733c7a~mv2.png/v1/fill/w_497,h_174,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/8075ef_75e354ee25384a93bc0bb01985733c7a~mv2.png)
MCP
Assessor
Assessor Hardware
Our Assessor scans local & public IP's resulting in the best vulnerability assessments.
![](https://static.wixstatic.com/media/8075ef_9fefba41b1cc4963a3e5a38fb29f1439~mv2.jpg/v1/fill/w_79,h_86,al_c,q_80,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_9fefba41b1cc4963a3e5a38fb29f1439~mv2.jpg)
Branch
offices
![](https://static.wixstatic.com/media/8075ef_b2d8edd7e78943b6900929a9acb06d26~mv2.png/v1/fill/w_74,h_59,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_b2d8edd7e78943b6900929a9acb06d26~mv2.png)
Internet
DNS
SMTP
IP
![](https://static.wixstatic.com/media/8075ef_84dfc44597a24ed59e3d26497d793254~mv2_d_4960_2798_s_4_2.png/v1/fill/w_119,h_67,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_84dfc44597a24ed59e3d26497d793254~mv2_d_4960_2798_s_4_2.png)
Router
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
![](https://static.wixstatic.com/media/8075ef_dec6afb1c78c4286b7e91a1320c75dc2~mv2_d_1667_1667_s_2.png/v1/fill/w_58,h_58,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_dec6afb1c78c4286b7e91a1320c75dc2~mv2_d_1667_1667_s_2.png)
Local office
![](https://static.wixstatic.com/media/8075ef_d8bee092534c4475b2fcc22ec5a58ed4~mv2_d_1600_1600_s_2.png/v1/fill/w_33,h_33,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_d8bee092534c4475b2fcc22ec5a58ed4~mv2_d_1600_1600_s_2.png)
Servers
![](https://static.wixstatic.com/media/8075ef_b896751ab1904641af344a8c4a632b4e~mv2_d_1600_1600_s_2.png/v1/fill/w_30,h_30,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_b896751ab1904641af344a8c4a632b4e~mv2_d_1600_1600_s_2.png)
Workstation
![](https://static.wixstatic.com/media/8075ef_ae55c4f0d390466ebf41afab49094d61~mv2.png/v1/fill/w_30,h_30,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_ae55c4f0d390466ebf41afab49094d61~mv2.png)
Printers
![](https://static.wixstatic.com/media/8075ef_84dfc44597a24ed59e3d26497d793254~mv2_d_4960_2798_s_4_2.png/v1/fill/w_82,h_46,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_84dfc44597a24ed59e3d26497d793254~mv2_d_4960_2798_s_4_2.png)
WIFI
![](https://static.wixstatic.com/media/8075ef_cabcaf1eed9f4f4eb90957aecab372a6~mv2.png/v1/fill/w_32,h_32,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_cabcaf1eed9f4f4eb90957aecab372a6~mv2.png)
IP phones
![](https://static.wixstatic.com/media/8075ef_75e354ee25384a93bc0bb01985733c7a~mv2.png/v1/fill/w_570,h_199,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/8075ef_75e354ee25384a93bc0bb01985733c7a~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_59,h_59,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_59,h_59,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_59,h_59,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_59,h_59,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_60,h_60,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_60,h_60,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
![](https://static.wixstatic.com/media/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png/v1/fill/w_60,h_60,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_647207ab0fc749de83c9f79b6be20f78~mv2.png)
Vulnerability Scanning & Assessment Methodology Explained
1
Step One: Host Alive Status
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
-
Checking if the target is alive & information gathering.
-
To consume data, use the most optimized scanning the Assessor will determine if the target IP address must be scanned.
-
It uses different techniques for this to also detect firewalled systems or otherwise hard to detect a pulse from.
-
One technique is to probe for TCP & UDP ports.
-
A scan can also be forced even if the target appears to be offline or not alive.
2
Step Two: Firewall Detection
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
-
Determine if the target system is behind a firewall, IDS or IPS system.
-
Some systems appear to be offline where in reality they are just firewalled off & can still be wide open to attack.
-
In the Firewall detection module, it can use different techniques to detect firewalling/filtering/IPSed devices.
-
The test will also gather more network information from the infrastructure when doing TCP & UDP port probing.
3
Step Three: TCP UDP Portscan
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
-
TCP & UDP port scanning to determine open ports & scanned.
-
In most setups using the best scan profile can be recommended to save time & network bandwidth.
-
For more in-depth analysis the full scan profiles are recommended.
4
Step Four: OS & Service Detection
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
-
Serviced, OS & services version detection. Operating system detection & optimizing.
-
Once the TCP & UDP scanning has completed, the Assessor will use different techniques to identify operating system running on the target host.
5
Step Five: Profile Vulnerability Scanning
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
-
Based on selection of one of the nine scanning profiles selected.
-
Right profile is applied for optimized Vulnerability Scanning results.
-
Launch scanning modules, exploits or Denial of Service (DoS) depending on which of 9 profile selected.
-
Best Scan – Popular Ports
-
CMS Web Scan – Joomla, Wordpress, Drupal, General CMS
-
Quick Scan – Most Common Ports
-
Best Scan – 65.535 Ports
-
Firewall Scan – Stealth Scan
-
Aggressive Scan - Full Scan, Exploits & DoS Attacks
-
OWASP Top 10 Scan – OWASP Checks
-
PCI-DSS Preparation for Web Applications
-
HIPAA Policy Scan for Compliance
6
Step Six: Report Generation
Reporting Generation in different formats and outputs risk analysis and remediation suggestion.
![](https://static.wixstatic.com/media/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png/v1/fill/w_163,h_163,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_5af71ba8944648a1a48477a1adb362ae~mv2.png)
-
Popular categories to scan for includes and not limited to:
-
Recommended ports. Scans 8000 among the most common ports
-
Performs 55,000+ checks Web application vulnerability scanner WAS
-
Automatic Service Identification, SQL Injection, XSS Cross Site Scripting, Command Execution
-
Web Crawler, Google Hack DB, Joomla Security Scan, Google Safe Browsing, 50+ Blacklist Checks
-
Wordpress Security Scan, Firewall, DNS, FTP, Web, SSL, SSH, SQL, Netbios and much more.
-
Scans Windows, Mac OS X, Linux, Nix and other operating systems.
-
Duration can be several hours depending on how many services are found during the can.
-
It is designed to be non-harmful and not flood the services by silmulating the human behavior.
Features
![](https://static.wixstatic.com/media/8075ef_2de463293ea44273b056d71839501090~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_2de463293ea44273b056d71839501090~mv2.png)
Scheduled Auditing
-
Automatic scheduled auditing
-
Automatic alert about new identified security vulnerabilities
-
Shows new vulnerabilities discovered and compares them with old records to show the progress in the security level
![](https://static.wixstatic.com/media/8075ef_3650aa40779848779cce008b8fc879f4~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_3650aa40779848779cce008b8fc879f4~mv2.png)
Automatic Update
-
Automatic daily database updates
-
Automatic firmware updates with new features and functionality
-
Centralized update point
-
Automatic alerts when database is expired
-
Option to upload updates manually via the interface
![](https://static.wixstatic.com/media/8075ef_e56764a101a24431958b64a851cdc7cd~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_e56764a101a24431958b64a851cdc7cd~mv2.png)
Security Audit Features
-
Vulnerability assessment
-
60,000 + vulnerabilities
-
Unlimited auditing
-
No software installation
-
Advanced audit options
-
Launch real exploits
-
Security audit any OS
-
Automatic web crawl script
-
OS independent interface
-
SANS top 20
-
Malware Detection
![](https://static.wixstatic.com/media/8075ef_b08f755de9ab438f8404aa1fbc3c0d1b~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_b08f755de9ab438f8404aa1fbc3c0d1b~mv2.png)
Multi User Support
-
Supports multiple users to login at the same time
-
Individual user accounts with different audit options and IP ranges
-
Individual user security level
-
Admin and regular users
![](https://static.wixstatic.com/media/8075ef_875f74b788ce4db09bca762fd0cca9bc~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_875f74b788ce4db09bca762fd0cca9bc~mv2.png)
Penetration Testing
-
Launch real exploits for Windows, Unix, Routers, Firewalls and more
-
Launch real denial of service attacks
-
Launch distributed denial of service via distributed setup
![](https://static.wixstatic.com/media/8075ef_e4913c7c5fa54d59a2210601a6dd1f9c~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_e4913c7c5fa54d59a2210601a6dd1f9c~mv2.png)
Scalable and Upgradeable
-
All units can be upgraded for network growth via a software license
-
Investment protection
![](https://static.wixstatic.com/media/8075ef_7682eb7f894e47c5a0a62fe5575b6ebe~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_7682eb7f894e47c5a0a62fe5575b6ebe~mv2.png)
Security Audit Configuration
-
Virtual host auditing
-
Audit specific ports
-
Audit specific web directories
-
Email notification when an audit is finished
![](https://static.wixstatic.com/media/8075ef_2a9efdca1fe5437584a84b06932680c4~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_2a9efdca1fe5437584a84b06932680c4~mv2.png)
Fins Cross Site Scripting,
SQL Injection and Web Errors
-
Automatic web crawling engine identifies known and unknown files on websites
-
Finds Cross Site Scripting
-
Finds SQL Injection
-
Finds Web Errors
-
Black Hat SEO Scanner
-
Google Hack DB
![](https://static.wixstatic.com/media/8075ef_dcccbbb52dbd46f5986249cd3defb51f~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_dcccbbb52dbd46f5986249cd3defb51f~mv2.png)
Support & Maintenance
-
One-year database subscription included
-
Full supports included in price
-
Option for instant replacement hardware
-
Web-based user interface (https)
-
Quick setup wizard
-
Configuration backup/restore
-
Email alert and logging via syslog
-
Build-in diagnostic function
![](https://static.wixstatic.com/media/8075ef_a14075febfe94a518a244996dbd4ebe8~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_a14075febfe94a518a244996dbd4ebe8~mv2.png)
Distribution Security Auditing
-
Security audit remote locations from a centralized point
-
Centralized reporting
-
Centralized data storage
-
Centralized control
![](https://static.wixstatic.com/media/8075ef_4e1a8ba6051b4559b63d2036b2df195a~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_4e1a8ba6051b4559b63d2036b2df195a~mv2.png)
Security Scanning of:
-
Wordpress, Drupal, Magento, Shopify, Umraco, Joomla, Webshops
![](https://static.wixstatic.com/media/8075ef_3c9b934e128f4b928448f23ed5e83a69~mv2.png/v1/fill/w_51,h_51,al_c,q_85,usm_0.66_1.00_0.01,blur_3,enc_auto/8075ef_3c9b934e128f4b928448f23ed5e83a69~mv2.png)
Easy-to-understand Reporting
-
XML PDF and HTML reports
-
Reports branding allowed
-
Option for syslog remote logging