Managed Vulnerability Scanning

Bring solid security to your infrastructure through vulnerability scanning with confidence

Gain complete visibility of your attack surface, including assets, services, and applications. Identify critical vulnerabilities exploitable by threat actors. Managed Vulnerability Scanning enables organisations to identify the issues, misconfigurations and weaknesses that are most likely to result in a breach, with our experienced security analysts and engineers in the Brightsolid SOC, adding business and risk context to help prioritise and remediate the most urgent and critical issues.

Managed Vulnerability Scanning Service Levels

FeatureBasicStandardAdvanced
Implementation
Asset Discovery
Infrastructure Assessment
Scan FrequencyQuarterlyMonthlyWeekly
Vulnerability Assessment
Remediation Guidance
Critical

Critical/High
Reporting
User and Access Controls
Dashboards
Standard

Standard/Custom
Threat Intelligence Reports
Quarterly Business/Risk Review
Support
Integration with Additional Tools and/or Platforms

Managed Vulnerability Scanning Pricing

Your questions, answered…

How often are vulnerability scanning exercises conducted?

Vulnerability scanning can be conducted weekly, quarterly or monthly, depending on your requirements. 

What types of vulnerabilities will be covered in the scanning service?

We partner with Tenable, who provide coverage for more than 76,000 vulnerabilities and has the industry’s most extensive CVE and security configuration support to help you understand all of your exposures.

How will vulnerabilities be prioritised and reported on?

Brightsolid SOC will condense findings into meaningful groups, articulating identified gaps and prioritising remediation based on the risk to your organisation. Our focus is on critical or high-severity vulnerabilities, leveraging the Common Vulnerability Scoring System Calculator version 3 (CVSSv3) for risk context. These PDF reports will be securely shared with key stakeholders within your organisation, as well as access to critical reports and dashboards that highlight the vulnerabilities identified and the risk to your organisation.

Is the vulnerability scanning service capable of scanning both on-premises and cloud environments?

Brightsolid will scan your infrastructure to identify and expose vulnerabilities that are derived from our asset lists, whether they be on-premises or in the cloud. Brightsolid will identify and expose common vulnerabilities that are surfaced by typical threat actors, identify outdated and unsupported systems and services, web applications and identify new applications, systems and software and scan for potential vulnerabilities.

What measures are in place to ensure the confidentiality and security of our data during the scanning process?

Data within Tenable is encrypted in transit and storage using TLS Encryption ciphers and AES-256. Encryption is applied to various application infrastructure layers with highly restricted access to securely stored encryption keys. Moreover, there are comprehensive network and access controls in place, with network controls such as container isolation, inbound/internal traffic restrictions and data access controls such as SAML, two-factor authentication and account lockout after 5 failed login attempts.

Vulnerability scanning can be conducted weekly, quarterly or monthly, depending on your requirements. 

We partner with Tenable, who provide coverage for more than 76,000 vulnerabilities and has the industry’s most extensive CVE and security configuration support to help you understand all of your exposures.

Brightsolid SOC will condense findings into meaningful groups, articulating identified gaps and prioritising remediation based on the risk to your organisation. Our focus is on critical or high-severity vulnerabilities, leveraging the Common Vulnerability Scoring System Calculator version 3 (CVSSv3) for risk context. These PDF reports will be securely shared with key stakeholders within your organisation, as well as access to critical reports and dashboards that highlight the vulnerabilities identified and the risk to your organisation.

Brightsolid will scan your infrastructure to identify and expose vulnerabilities that are derived from our asset lists, whether they be on-premises or in the cloud. Brightsolid will identify and expose common vulnerabilities that are surfaced by typical threat actors, identify outdated and unsupported systems and services, web applications and identify new applications, systems and software and scan for potential vulnerabilities.

Data within Tenable is encrypted in transit and storage using TLS Encryption ciphers and AES-256. Encryption is applied to various application infrastructure layers with highly restricted access to securely stored encryption keys. Moreover, there are comprehensive network and access controls in place, with network controls such as container isolation, inbound/internal traffic restrictions and data access controls such as SAML, two-factor authentication and account lockout after 5 failed login attempts.

Our Partners & Accreditations