Vulnerability Assessment
Service Overview ⫘
This assessment is conducted using Taegis VDR (VDR) and is designed to help you identify and prioritize vulnerabilities in systems or network services on in-scope systems. A Secureworks consultant will configure Taegis VDR for your environment, discover all in-scope networks and systems, and perform vulnerability scanning.
Service Methodology ⫘
Prior to the assessment, Secureworks will schedule an initial meeting to establish the rules of engagement, scope, risk acceptance, requirements for Edge Services, timelines, and schedules.
The Secureworks approach to vulnerability management begins with VDR, a cloud-based tool that incorporates machine learning. VDR scans your environment and prioritizes remediation efforts. Secureworks collaborates with you to determine in-scope and out-of-scope targets for the vulnerability assessment that will be conducted using VDR.
Listed below are components of the assessment:
- Network Discovery: VDR performs port-scans of IP ranges you provide to identify active hosts. This assessment includes activities such as scanning a range of IP addresses to identify top transmission control protocol (TCP) ports in use and identify specific applications and potential version information through capturing banners. This process helps identify active systems in a larger network, which can later be scanned for vulnerabilities.
- Vulnerability Scanning: VDR interrogates network services to determine additional information about your network that could lead to compromise. This includes capturing banners to determine vulnerable service versions, web application crawling and scanning, testing for default or weak credentials, and checking for misconfigurations that may make systems and/or network vulnerable to attack. Results are documented in VDR and are intelligently prioritized.
Outcome ⫘
Presentation of findings and deliverables compiled by Secureworks will be provided to you within VDR, followed by an engagement briefing delivered by the Secureworks consultant through telephone. After the assessment is completed, you will continue to have access to VDR for 30 days.
Scoping Information ⫘
Scope | Description |
---|---|
Vulnerability Assessment - Small | Up to 500 IP addresses |
Vulnerability Assessment - Medium | 501 - 1000 IP addresses |
Vulnerability Assessment - Large | 1001 - 2500 IP addresses |
* All IP addresses must be either Internet-accessible, or internal and accessible by a single Edge Services instance
** Work is conducted during business hours of the Secureworks consultant; after-hours feature is available for an additional 8 service units
The complete Service Description for this service can be found here: Vulnerability Assessment