Chat with us, powered by LiveChat

THE 8 GUARDIAN360 SCANNERS FOR OPTIMAL MANAGED SECURITY

Guardian360 consists of 8 Scanners which are constantly in- and around your network searching for weak spots or vulnerabilities in both the security of your network and web application.

If despite all forms of security and scanning, a network intruder or hacker is to compromise your network, our Canary sets off a silent alarm.

The 24-7 functioning Security Operations Center (SOC) will immediately identify and disable any intruder or hacker!

We call it ‘Managed Security’. You may experience it as ‘a good night rest’.

1 | Global Scanner

guardian-global-scanner

This scanner will perform an external check of your applications, infrastructure and devices.

Network accessible from the outside

Network vulnerable to reflection/DDoS attacks

SQL server vulnerable, control of common configuration errors

We do this by obtaining access to your network with techniques that a ‘real hacker’ would use to infiltrate it-environments. This way you will get a clear picture of the following threats:

Server or website is part of a botnet

Server is vulnerable to SSL/TLS attacks or configured incorrectly

2 | Local Port Scanner

guardian-local-port-scanner

This scanner checks, from inside your network, which ports are opened. Open ports provide an attacker the possibility to penetrate further into your infrastructure or to attack your web applications. More than 80 frequently used and abused ports will be scanned every hour!

3 | Web Application Scanner

guardian-webapplicatie-scanner

This scanner mimics a penetrationtest in the same manner in which an attacker from outside would also try to invade a website.

Injection capabilities and vulnerabilities

Script injection possibilities

General security configuration errors

Manipulation and forging of transactions

Not validated references

Think of all vulnerabilities which is spoken about within the OWASP recommendations, such as:

Incorrect session management and authentication issues

Addressing data without authentication

Sensitive data directly accessible

Over 80 other web application vulnerabilities

Content management systems like WordPress, Magento, Drupal and Joomla environments, including any third-party plugins

4 | Amplification Scanner

guardian-amplification-scanner

This scanner monitors servers on the correct configuration of servers, and determines if they are susceptible to various threats as:

SSL & TLS misconfiguration

Reflection attack possibilities in the network

5 | Network Vulnerability Scanner

guardian-network-vulnerability-scanner

This scanner checks for the presence of – among other – old applications which are not properly patched, but also network applications, complete operating systems and web applications. We can thus recognize more than 70,000 current threats and undertake any necessary action.

6 | Local Guardian360 Scanner

lokale-guardian-scanner

This scanner is a physical or virtual probe which will be installed in a safe and responsible manner in your internal office network, of course in consultation with your IT-staff. On this probe, Guardian scanners are installed that scan for security threats from within your network. By using an encrypted connection the results and findings are send to the Central Guardian database, where you can compare these results with the external scans. This will give you an actual ‘situational awareness’!

7 | Credential Scanner

guardian-credential-scanner

This scanner scans the network for unencrypted and non-complex passwords, or passwords which are too short. Even if these passwords are encrypted, the Guardian Cruncher will try to crack them. This is done by means of a special ‘password cracker’ which is capable of ‘guessing’ millions of passwords per second.

8 | Blacklist Scanner

The blacklist scanner ensures that you can quickly intervene in case your domains and ip-addresses

Are your websites and/or ip- addresses known on pastebin?

Are your ip-addresses on a blacklist?

Is spam being sent from your network?

Is your network being used for bitcoin-mining?

Is your website being used for phishing?

Is a TOR Exit node known within your network?

are on a blacklist. It scans, among other things:

if there are any viruses, malware or other malicious activities active within your network?

Does your network make connections to 'command and control' servers or is an open Proxy server running in your network?

Is your network being used to hack – or for carrying out DDoS attacks?

THE CANARY

Canaries were once used in coal mines as an early warning system. Toxic gases such as carbon monoxide and methane killed the birds, and that way warned the miners, so that they not became affected by the gasses and were able to save their lives.

The saying “A canary in a coal mine” is therefore often used to refer to a solution that serves as an early warning in a coming crisis.

And that is exactly how Canary Guardian360 works!

If despite all forms of security and scanning, a network intruder or hacker is to compromise your network, our Canary sets off a silent alarm.

The 24-7 functioning Security Operations Center (SOC) will immediately identify and disable any intruder or hacker!

guardian-canary

Schematic Representation

guardian-vulnarabilty-detectie

As Guardian scans over 80 ports every hour, and on a daily basis scans all web applications and network components (depending on your contract type), regulary a new potential threat is found. When so, a ticket is created directly into our Incident Management System.

within 1 working day one of our security engineers evaluates what this incident means and how urgent the find is. After that, a solution will be developed to solve the consequences of the security incident or at least to minimize the damages as much as possible. So-called ‘Critical messages’ are given priority.

GUARDIAN360 AND THE CANARY WATCH OVER US