Our Monthly Vulnerability Scan service aims to provide with a regular overview of the security posture to customer’s management and ICT service. Through a dedicated VScan VPN device, JNX Security performs one Vulnerability Scan of customer’s assets every month, and deliver a sanitized and reviewed report based on the previous scan results.
- A customized scanner running from JNX Security perimeter.
- A VPN devices (VScan) installed in the customer network, where the VPN session is re-established with JNX Security scanner(s) before each scheduled scan.
- A manual review of the security issues revealed by the scanner. During the review, noisy information and/or false-positive will be discarded from the report. Severities will also be reviewed and re-assigned based on the asset role and exposure of the assets.
- An in-house reporting engine with events correlation and issues follow-up.
The monthly security report aims to highlight different weaknesses and vulnerabilities found in the customer perimeter (assigned to a severity level such as Critical, High, Medium and Low). The vulnerability list together with the Severities can be used to define an accurate remediation plan, while the ICT service will mainly look up at the technical and remedial details, part of the report.
A graphical representation of the vulnerability evolution is also part of the monthly report, ensuring that that security controls and process are correctly in place. This evolution chart will provide you with an immediate overview of the successfulness of remedial actions. Additional charts are presented in the monthly report to highlight the number of vulnerability severity which have been found “fixed” (green numbers) since the last scan, or newly discovered (red numbers).