Vulnerability Scanning - Overview
Cloudaware Vulnerability Scanning as a Service (VSaaS) is a comprehensive, low-friction, high-value and security scanning solution. Vulnerability data is accessible directly in Cloudaware CMDB.
Supported Scan Types
Following are types of scan provided by Cloudaware:
Agent-Based Vulnerability Scans (Default)
Standard
PCI DSS*
IP-Based Network Scans (Optional)
Standard
Standard Credentialed
PCI DSS (Windows, RedHat only)
URL Scanning
OWASP Top 10 Vulnerability Scanning
Docker Image ScanningÂ
Compliance Benchmarks
CIS Level 1, 2 and Custom
DISA
HIPAA Windows Audit
PCI DSS (Agent and IP)
SCAP
OVAL
MSCT
Other
Patch Audit
Malware Detection
Mobile Device Discovery
Host Discovery
Vulnerability-Specific
BadLock
Bash Shellshock
DROWN
Intel AMT Security Bypass
Shadow Brokers
Spectre
Meltdown
WannaCry (Ransomware)
Content Analysis
TNS Content Analysis (PHI, PII)
* - Â Windows, RedHat only
Scan Frequency and Scheduling
All scans are performed at least once every 7 days. Cloudaware VSaaS algorithm self selects time to scan each asset. Customers may request an on-demand scan at any time. If a scanning agent has been uninstalled or impaired, Breeze will automatically do clean uninstall, repair if necessary and reinstall the scanning agent.
CMDB Integration
Every CI in CMDB has 'Last Scan Date' field. Using CMDB reporting and workflow functionalities, customers can create reports that show unscanned machines or generate workflows to handle unscanned notifications.
Every CI in CMDB has fields indicating a number of Critical, High, Medium and Low risk vulnerabilities associated with a CI.Â
Vulnerability data is accessible directly in CMDB.
Customers can create workflows to handle conditions such when a new vulnerability is discovered or has been remediated.
Customers can create dashboards tracking such KPIs as scanning coverage, vulnerability age, etc.
Customers can create various reports, including such that show assets that are not getting scans and assets that have critical vulnerabilities over a certain age.Â
Customers can create CVE-specific reports showing assets that are vulnerable to specific vulnerability or CVE(s).
With Cloudaware CMDB reporting and dashboarding functionality, along with advanced Wave Analytics you will be able to review your KPIs (scanning coverage, vulnerability age, etc), track assets that vulnerable to specific vulnerability or CVE(s) and monitor vulnerabilities over a certain age:
Ticketing and Incident Management Integration
Cloudaware VSaaS is integratable with external systems such as ServiceNow, JIRA and PagerDuty.
Cloudaware VSaaS supports stateful ticketing integration, meaning it will not only create tickets in external systems but also update them when it detects that a vulnerability has been remediated.
List of supported objects
CloudAware Scan Server |