The Accellis Vulnerability Management program has two phases: Discovery and Remediation.
Our discovery process identifies all assets on your network. These could be printers, computers, servers, or network access devices like routers and firewalls. Once identified, our system will probe each device for potential vulnerabilities.
Remediation is the process of applying the correct patch or configuration to resolve a particular vulnerability. If we cannot fix the vulnerability because one does not exist or there will be an adverse effect to the software or device then an exception is created.
Phase 1: The Discovery
Our external scans run on the first day of each month between midnight and 4 AM. The scan looks at all public address space provided as well as the domain names of the assets. The scans can take anywhere between several minutes to multiple hours to complete depending on the types of services that are discovered and the number of assets involved.
Internal scans occur each quarter and on the on the second week of the first month. They start at noon by an on-premise scan engine. Depending on network size, scans can take between two and six hours to complete. All communication between the scan engine and the Accellis’ control center is encrypted. The engine searches the corporate network for connected devices or services. Once a device is found, it will be checked for known vulnerabilities.
The Full Audit Report
This report provides detail of the assets discovered, a description of all the vulnerabilities that were discovered across all assets. Users, Groups and file shares may also be Included in the internal asset discovery.
The Top 25 Report
The second report generated is a Top 25 report which details what patches or configurations need to be applied to correct the most vulnerabilities. The report provides an easily readable action list and high level review of the audit report.
Any deliverables from the Accellis Security Team are transmitted over encrypted email to an onsite representative. This is to protect client data and keep any findings confidential. Barracuda encrypted email is the preferred choice.
Phase 2: The Remediation
Installing software updates or Hotfixes in order to eliminate vulnerabilities that are discovered within given software. Securing the affected system from potential security breaches.
Some vulnerabilities do not have updates or Hotfixes to resolve them. Configuration changes then are required to resolve the vulnerability, which can be updating settings, creating new policies, etc…
Not all patches or configuration changes work will with other software or systems. Applying a remediation could lead to applications not being able to work with the software. These would be marked as a exception as remediating it leads to work-flow problems.