Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Cloudaware Vulnerability Scanning as a Service (VSaaS) is a comprehensive, low-friction, high-value and security scanning solution. Vulnerability data is accessible directly in Cloudaware CMDB.

Supported Scan Types

Following are types of scan provided by Cloudaware:

  • Agent-Based Vulnerability Scans (Default)

    • Standard

    • PCI DSS*

  • IP-Based Network Scans (Optional)

    • Standard

    • Standard Credentialed

    • PCI DSS (Windows, RedHat only)

  • URL Scanning

    • OWASP Top 10 Vulnerability Scanning

  • Docker Image Scanning 

  • Compliance Benchmarks

    • CIS Level 1, 2 and Custom

    • DISA

    • HIPAA Windows Audit

    • PCI DSS (Agent and IP)

    • SCAP

    • OVAL

    • MSCT

  • Other

    • Patch Audit

    • Malware Detection

    • Mobile Device Discovery

    • Host Discovery

    • Vulnerability-Specific

      • BadLock

      • Bash Shellshock

      • DROWN

      • Intel AMT Security Bypass

      • Shadow Brokers

      • Spectre

      • Meltdown

      • WannaCry (Ransomware)

  • Content Analysis

    • TNS Content Analysis (PHI, PII)

* -  Windows, RedHat only

Scan Frequency and Scheduling

All scans are performed at least once every 7 days. Cloudaware VSaaS algorithm self selects time to scan each asset. Customers may request an on-demand scan at any time. If a scanning agent has been uninstalled or impaired, Breeze will automatically do clean uninstall, repair if necessary and reinstall the scanning agent.

CMDB Integration

  1. Every CI in CMDB has 'Last Scan Date' field. Using CMDB reporting and workflow functionalities, customers can create reports that show unscanned machines or generate workflows to handle unscanned notifications.

  2. Every CI in CMDB has fields indicating a number of Critical, High, Medium and Low risk vulnerabilities associated with a CI. 

  3. Vulnerability data is accessible directly in CMDB.

  4. Customers can create workflows to handle conditions such when a new vulnerability is discovered or has been remediated.

  5. Customers can create dashboards tracking such KPIs as scanning coverage, vulnerability age, etc.

  6. Customers can create various reports, including such that show assets that are not getting scans and assets that have critical vulnerabilities over a certain age. 

  7. Customers can create CVE-specific reports showing assets that are vulnerable to specific vulnerability or CVE(s).

With Cloudaware CMDB reporting and dashboarding functionality, along with advanced Wave Analytics you will be able to review your KPIs (scanning coverage, vulnerability age, etc), track assets that vulnerable to specific vulnerability or CVE(s) and monitor vulnerabilities over a certain age:

...