Vulnerability Management

The Pulsar Agent installed on servers and clients enables detection and inventory of all installed software. The operating system libraries are examined as well as the files on the hard disk are scanned with the extended software monitoring in order to include non-regularly installed software in the inventory (e.g. portable apps, programs embedded in other applications, Java libraries).

The software inventory forms the best data basis for the actual vulnerability scan, the comparison of the installed software with known security vulnerabilities (Common Vulnerabilities and Exposures, or CVE for short). Thanks to the agent installation, 100% validity is guaranteed and false positives are excluded.

• Platform independent (Windows & Linux)
• Best database thanks to software inventory
• 100% valid results
• No false positives

Enginsight can also be used to scan network peripherals on which a Pulsar Agent cannot be installed for security vulnerabilities. Websites can also be monitored for vulnerabilities. For this purpose, a sensor is placed in the network (Hacktor) or Internet (Observer). Subsequently, entire networks can be scanned for vulnerabilities.

From the outside, the sensors examine the open ports and the web application for vulnerable software. By optionally storing access data (auth provider), operating systems and installed software can be retrieved, results expanded and validation improved.

• Scan networks for security vulnerabilities
• Websites and web portals
• Deposit auth providers for SNMP, WMI, SSH

The associated CVE identifier is given for all security vulnerabilities. The CVSS score (1 to 10) allows categorization by urgency. With a risk score for each asset, users can prioritize patch management by threat. An alarm immediately informs responsible persons about new security vulnerabilities. Further information on each vulnerability in the NIST database and additional sources on the Internet are linked, for example on possible exploits.

• CVSS-Score
• Risk score
• Urgency level
• Integration with alarm system
• Linking of further information

Jede von Enginsight detektierte CVE wird über die verfügbaren Meta-Informationen und unter Einbeziehung des Softwaretyps validiert. It then receives an assessment via the validity traffic light, which guarantees full transparency.

Most of the validation information is available to the vulnerability scan via the Pulsar Agent, so 100% validity is always guaranteed. All assets on which a Pulsar Agent can be installed should therefore be equipped with the software component.

• Validation based on meta information
• Validity traffic light
• 100% valid results for CVE scan with Pulsar Agent

To bring vulnerable software to a safe state, an update to the current version is usually sufficient. Enginsight’s Update Manager enables the targeted import of updates across multiple servers and clients. In addition, updates can be fully automated, and automatic updates can also be limited to security-related updates. The tag system allows convenient configuration even in large IT environments.

• Platform independent (Linux & Windows)
• Compatible with Windows Server Update Services (WSUS)
• Patching third-party Software on Linux systems

Next to insecure software, faulty configurations represent a second category of risk that you can effectively address with Enginsight’s configuration management. Use autofixes to correct configurations directly from the Enginsight platform.

The Security Technical Implementation Guides (STIGs) integrated for all common operating systems can be extended with your own guidelines. This also allows documentation requirements to be fulfilled effectively.

• Microsoft Windows 10
• Microsoft Server 2008/2012/2016/2021
• Canonical Ubuntu 16/18/20
• Red Hat Enterprise 6
• SUSE Linux Enterprise 12