HUNTING down malicious elements already inside
Cyber resilient organisations know that it is time to go hunting. They embrace the fact that hackers have breached their systems today and pro-activaly start looking for evidences of break-ins. Cyber resilient organisations deploy a detection capability and continuously improve their defences using vulnerability scans and penetration tests. (Read more here)
Many organisations don’t have the time nor the expert skills to organise a detection capability or vulnerability scanning service. Krinos can bring a lot of added value for those organisations.
Organisations and their cyber defenders must operate in a constant stream of new risks from: software updates, patches, security advisories, threat bulletins, etc. When researchers report new vulnerabilities, a race starts among all parties, including: attackers (to weaponize and attack); vendors (to develop, deploy patches or signatures and updates), and organisations (to assess risk, test patches and install).
Vulnerability Scanning Managed Service
Krinos offers organisations an end-to-end managed service for vulnerability & configuration scanning. We help defining the strategy, manage the tooling, and execute the scans. The customer gets the reports that allow him to understand the risks he is running and what he can do to remediate most of them.
Organisations that do not scan for vulnerabilities and proactively address discovered flaws face a significant likelihood of having their computer systems compromised.
Scanning everything is not always an option. Organisations should scan and patch systems based on how attackers break into organisations today. In general, Krinos advises organisation to first focus on Internet facing systems and user devices (workstations, laptops) with internet access. This are the first systems hackers target. Next on the lists are the servers and applications that are directly reachable over the network from user devices.
Continuous Vulnerability Discovery
Understanding and managing vulnerabilities has become a continuous activity, requiring significant time, attention, and resources. Attackers have access to the same information and can take advantage of gaps between the appearance of new knowledge and remediation of your websites and systems. A webserver or system that is secure today, might not be secure anymore next week.
Secure Configuration Auditing
The default configurations, as delivered by vendors, for operating systems, webserver and applications are normally geared to ease-of‐deployment and ease‐of‐use, not security. Pre‐installation of unneeded software, default configuration settings, default accounts or passwords, older (vulnerable) protocols can all result in an exploitable system. Developing configuration settings with good security properties is a complex task beyond the ability of individual users, requiring analysis of potentially hundreds or thousands of options in order to make good choices. Even if a strong initial configuration is developed and installed, it must be continually scanned to avoid security “decay” as software is updated and configurations are “tweaked” to allow the installation of new software or support new operational requirements.
Reports & Advice
Krinos vulnerability scanning service can provide weekly, monthly or quarterly reports that allow the organisation to understand the risks it is facing. Krinos Experts can give advice on the quick wins and the focussed actions the organisation can take.
Advance Penetration Testing Services
Organisations that have a vulnerability scanning program in place, can take the next step using human skilled penetration testers. Krinos can guide organisations in defining the penetration tests they want to do, the objectives, the execution and management reporting.