Netshield Announce Our New Vulnerability Scanning Service, NetScan.

NetScan is a popular and capable infrastructure and web application vulnerability scanner, providing the ability to carry out regular scanning to identify vulnerabilities before they become a huge business security risk.

First Class Scanning.

Unpatched software, configuration weaknesses and software vulnerabilities also need to be managed effectively. NetScan includes a vulnerability assessment module to perform vulnerability scans across your external network infrastructure.

• Access sophisticated scanning and exploit technology designed by experienced penetration testers
• Provides a single platform to identify and manage web application and infrastructure risk
• Confirms vulnerabilities through safe exploitation to eradicate false positives and provide proof of concept
• Prioritise each vulnerability’s remediation
• Generates reports in Microsoft Word and CSV. PCI and UK Government PSN compatible formats
• Schedule scans to run at any given date and time. Scan at regular recurring intervals with email notification.

Web Applications.

Vulnerabilities within web applications pose a significant threat to your organisation’s network security. NetScan can identify all known web application vulnerabilities and provide exploit capabilities to demonstrate their impact and eradicate false positives.

Many existing web application scanners rely on parsing web pages in order to discover application components (e.g. links and forms). This approach is no longer effective when testing modern web 2.0 based applications. Components generated at runtime using JavaScript, Flash or Silverlight components will remain invisible to traditional discovery techniques.

NetScan employs two integrated crawling technologies to overcome this challenge. Our HTTP/HTML based crawler is used to components quickly and to identify hidden components through forced browsing. A second integrated crawling engine then executes web pages in the same way a normal browser would. Any embedded scripts or components then able to run as intended whilst allowing full visibility to the discovery engine. If a modern web browser such as Google Chrome can access the application, NetScan can crawl it.

• Thorough assessment of all known web application vulnerability classes such as those defined within the OWASP top ten.
• Advanced detection of DOM based Cross Site Scripting (XSS) vulnerabilities through JavaScript taint analysis.
• Decompilation and static analysis of Adobe Flash files.
• HTML5 postMessage analysis. • Confirmation of discovered flaws through safe vulnerability exploitation

Identifying False Positives.

A false positive is where a vulnerability scanner indicates there is a vulnerability when in fact there isn’t one. Sorting through scanner results to determine which reported issues are real and which are false positive is a time-consuming process. To eliminate false positives, and to provide proof of concept evidence, NetScan employs safe custom exploit techniques to actively confirm discovered vulnerabilities.

Third Party Applications Download custom filtered results and view via HTML, Docx or CSV. NetScan includes a simple JSON data API for retrieving, aggregating, processing and reporting raw vulnerability data for use in third party applications.

Complex authentication schemes are supported when NetScan is supplied with the minimal information, such as a username and password pair. Optionally, a login URL may be provided to direct the scanner where to use the credentials and for scenarios such as single sign-on. The scanner may easily be adapted to support bespoke authentication schemes that require non-standard credentials or processes.

NetScan can provide comprehensive vulnerability assessment and analysis against remote hosts to determine if a misconfiguration exists that could allow an attack to get behind the application and into sensitive data.

Please call us to discuss any aspect of your IT Requirements on 0333 200 1636 or visit our website http://www.netshield.net to find out more about the ways that our expert support and advice will improve the health of your IT.

Advertisements

Combat Phishing With Netshield.

Phishing attacks are becoming all too common and frequent. These attacks are used by fraudsters to get personal information, spread viruses or gain economic benefit for themselves.

Data Security

Email phishing is very common and it can be difficult to detect. This means that your business could be under threat from sophisticated online Email based fraudsters. These people are capable of posing as business directors and owners and asking for money to be transferred into an account as an emergency payment, they can also send viruses through attachments which can subsequently damage data on your PC and invade and collect personal information.

Here at Netshield we have a counter for this, our brilliant NetMail package. NetMail is a fantastic way to reduce the spam that enters your inbox as well as eliminate any phishing attacks.

We realise that the constant worry and panic of phishing is alive and well in today’s world of IT. That is why this fantastic package is set up to give peace of mind and reassurance that your data is safe and sound, and the scams will not be able to reach your inbox.

 

Netmail offers;

100% virus protection, ensuring that personal information and details are kept safe as is the well being of your PC.

99.92% spam detection, No bulk, sales, phishing or any other general junk Emails are able to reach your inbox.

Business Continuity,

90 archiving,

Data leak prevention,

AND SO MUCH MORE…

 

Why not set your mind at rest and get in touch with us to see what we can do for you? Our team of top quality professionals will be able to cater for your businesses needs.

Contact us via,

Phone – 0333 200 1636

Email – jack.finlan@netshield.net

 

We look forward to hearing from you!

 

Windows XP – not long to go until…

From April 8th 2014 the support for Microsoft Windows XP will be ending. So it is nearly time to say goodbye to the popular decade-old operating system.

The end of support means, users will no longer receive anymore security updates. This will lead to security and privacy implications that can significantly impact businesses – without the updates systems may be vulnerable to harmful viruses, spyware and other malicious software.

If using an unsupported operating system, other software and hardware products on the system may also not be support by the vendors either. It will also make it difficult to purchase new software and hardware for the retired Window XP operating system.

Due to the lack of updates, supporting software and hardware, it could lead to users experiencing an increase of downtime and business disruption. To discuss the implications of the end of support for Windows XP in more detail or help with upgrading please contact us today.

Symantec is killing their Backup Exec.cloud

Symantec is planning to shut down its Backup Exec.cloud service in order to focus on other products that have mobile and content-sharing features. The cloud-based solution Backup Exec.cloud was first introduced in the market February 2012, along with Symantec Backup Exec 2012 Product Suite.

With the increasing number of organisations adopting flexible, remote working, virtual offices and mobile devices, cloud-based options for databackup and collaboration have multiplied in recent years – So, it is important for a backup solution to allow users to work collaboratively with ease; “Customers want features such as synch & share and mobile access. Backup Exec.cloud was not designed with these features in mind,” Symantec’s FAQ said. “As a result, Symantec has decided to discontinue Backup Exec.cloud in order to focus on more productive and feature-rich cloud-based applications which include this type of functionality.”

Symantec will stop selling the subscriptions and renewals for Backup Exec.cloud on the 6th January 2014 and will crease the service and support on 6th January 2015.

Users of the product will need to keep in mind, that after their subscription expires the data saved on the platform will be deleted and they will have to migrate their own data to an alternative service; “We are here to help you navigate this process, but we are not able to provide any data migration services as part of this announcement,” Symantec said in the FAQ.