Scanist Features Overview
The Scanist vulnerability assessment system includes all of
the following features and capabilities. What follows is not a comprehensive
list, but rather an overview, as the service is updated and expanded on
an ongoing basis.
For more information, or to speak with our team about Scanist's security services,
please email support (@) scanist (.) com.
Vulnerability Scanning
· Free vulnerability scanning
· External and internal assessments
· Automated scheduled scans
· Automated recurring scans
· Automatic target detection
· Mutiple port scan methods
· Authentication scanning
· Additional CGI and XSS testing
|
· Test over 22,500 vulnerabilities
· Threats database updated every 12-hours
· Configurable DoS testing
· Operating system fingerprinting
· Service and application fingerprinting
· Support for wireless networks
· Automated file sharing scanning
· Ability to fine-tune scan parameters
|
· Create Custom Nessus Reports
· Support for changing DHCP networks
· CVE, BugTraq, and OSVDB integration
· On-demand scanning
· Configurable network load throttling
· Local host and application-level testing
· Distributed scanning servers
· No hardware or software to purchase
|
Regulatory and Standards Compliance
The Scanist system meets, or exceeds, all vulnerability assessment and
scanning requirements for most industry standards and regulations,
including:
· PCI - Payment Card Industry
· HIPAA - Health Insurance Portability and Accountability Act
· SOX - Sarbanes-Oxley
· CVE - Common Vulnerabilities and Exposures
· GLBA - Gramm Leach Bliley Act
· FISMA - Federal Information Security Management Act
· ISO-9000 - International Standards Organization
|
· SAS-70 - Statement on Auditing Standards Number 70
· GISRA - Government Information Security Reform Act
· EU Data Protection Directive 95/46/EC
· Canada Personal Info Protection and Electronic Docs Act
· Japan Personal Information Protection Law
· ...and many more.
|
Reporting and Management
· Free vulnerability reporting
· Centralized security management
· Differential reporting
· Network summary reporting
· Historical trend reporting
· Risk-factor reporting
· Custom report content and styles
· Threat Annotations
|
· Business and technical VA reports
· Web and email-based results overview
· HTML, CSV, and PDF report formats
· Support for custom host groups
· Real-time report editing
· Network mapping
· Resolution tracking and management
· Create Custom Nessus Reports
|
· Custom VA reports
· Interactive management dashboard
· Result, host, and network searching
· Comparative analysis
· Generate documentation in real-time
· Integrated interface for all scan types
· Multiple authentication profiles
· All updates included
|
Role-Based Accounts
· Web-based management interface
· Department/group based VA service
· Web and email-based usage tracking
· Control account access and usage
· Direct user login access
|
· Per-account scanning servers
· Per-account reporting content and styles
· Per-account scanning permissions
· Per-account management permissions
· Per-account auditing schedules
|
· Account management
· Control scan servers
· Group-based shared scan data
· Departmental scanning delegation
· Group-based scan results management
|
Data Sources and Applicable Targets
· OS patch-level testing
· Application patch-level testing
· Windows registry testing
· UNIX package management testing
· Support for custom data sources
· Support for SMB and SSH local testing
|
· Firewalls, IDS, routers, and switches
· Servers, desktops, portable devices
· VPN networks and hosts
· Wireless networks and hosts
· Audit almost any network device
· Audit almost any TCP or UDP service
|
· Virtual host scanning
· Over 22,500 vulnerability tests
· Detect over 2,000 devices & OSs
· Detect over 3,800 services & applications
· Detect over 400 IP-based protocols
· External and internal assessments
|
