The product mainly locates the host system vulnerability discovery, weak password detection, configuration vulnerability detection, scanning and covering multiple system environments, such as: Windows, UNIX, Linux, Solaris, etc., helps customers discover the vulnerability risks in the host, and provides solutions based on different vulnerabilities.
Multiple assessment types:
Assess the weaknesses of host systems, networks and applications, detect malware in the system, and discover weaknesses in web servers and services.
Abundant evaluation capabilities:
Network equipment, including next-generation firewalls, operating systems, databases, web applications, virtual and cloud environments, etc., scan IPv4, IPv6 and hybrid networks, and scan task running time and frequency can be set according to requirements.
Two scanning modes:
Vulnerability scanners can use non-login scanning and login scanning methods when selecting scanning methods, and login scanning can find host vulnerabilities in a more in-depth and comprehensive manner.
The scanner can be configured to update automatically, and the scanner continuously updates advanced threats and zero-day vulnerability plug-ins.
Customize reports to sort by vulnerability or host, create executive summary or compare scan results to highlight changes, and provide XML, PDF, CSV, and HTML type reports.
SYN scanning: Port scanning is a common vulnerability discovery method used by computer intruders. Attackers can learn about the vulnerability of the host computer through it. An open port is a potential communication channel, that is, an intrusion channel. If the host opens the FTP service, it will open two ports by default, generally 20 and 21. The intruder will use port scanning to find these two open ports and will launch intrusions. A successful intrusion will cause immeasurable losses to the enterprise.Network operators actively discover open ports through port scanning, analyze the potential risks of open ports, restrict access to open ports, identify unnecessary open ports and close them in time, which can prevent ports from being used by intruders and improve host protection capabilities.
Weak password detection
Through the weak password dictionary, detect whether the user SSH, RDP and other services use weak passwords, and change the weak passwords in time to effectively prevent brute-force cracking intrusion.
Configure vulnerability detection
Configuration vulnerability detection is baseline inspection, which refers to the security characteristics of IT equipment, selects appropriate security control measures, and defines the minimum security configuration requirements for different IT equipment. The minimum security configuration requirements are called security baselines. e Cloud Vulnerability Scanning Service Platform integrates the operating system, database and other system environment baseline specifications, compares the configuration of host security configuration items term by term through the baseline specifications, finds the weak points of configuration, feeds back the inspection parameters, and focuses on reinforcement to avoid the intrusion risk caused by weak configuration.