Back to Service Library
Service Catalog / / Vulnerability Management / Vulnerability Scanning (Nessus)
159SCNN Base

Vulnerability Scanning (Nessus)

On this page

    Service Overview

    SERVICE OVERVIEW 

    DeepSeas Vulnerability Scanning Service with Nessus allows an organization to identify and manage vulnerabilities in the organization's systems. DeepSeas solution offers a range of features including customized vulnerability scanning, an integrated portal, and asset vulnerability information parsing. With DeepSeas Vulnerability Scanning solution, the organization can gain a deeper understanding of the security risks and take proactive steps to manage them. The solution is designed to be user-friendly and easy to navigate, allowing you to quickly identify vulnerabilities and take immediate action to address them. 

    Our Vulnerability Scanning Service includes the following service elements: 

    • Vulnerability identification service includes a thorough scanning of your internal network devices, servers, and other assets located on-premises to ensure the highest level of security for your organization. 
    • Portal integration and delivery involves integrating scanner and sensor findings related to vulnerabilities into the DeepSeas RED portal. 

    Methodology

    The following table describes the typical steps DeepSeas undertakes, together with Customer, to onboard and initialize our service: 

    1. Kickoff (Approximately 1 Week)
      1. DeepSeas and the Client participate in a joint call to confirm services, service orchestration appliance placement (if required), shipping information, and other key details.
    2. Tool Deployment, Configuration, & Tuning (2-3 Weeks)
      1. Scanners: DeepSeas will deploy Nessus Scanners to enable the scanning of the Client's environment.
      2. Scan Configuration & Scheduling - DeepSeas will create and schedule the monthly recurring scans of the Client's environment.
      3. Authenticated Scans - DeepSeas will support scans that require the scanner to authenticate to the targeted system.
      4. Document Exceptions - DeepSeas will document all exception requested by the Client. DeepSeas will not report vulnerabilities for hosts that match the exceptions.
    3. Baseline Scans & Integrations (2 Weeks)
      1. DeepSeas will execute steps to integrate scan results in the DeepSeas RED portal.
    4. Service Optimization (Ongoing)
      1. Monitoring - DeepSeas will monitor all scanners for performance and availability issues. DeepSeas will investigate potential problems and attempt to remediate them independently when possible. DeepSeas will notify the Client of all verified issues and their remediation status.
      2. Failed Scan Notifications - DeepSeas will notify the Client when there are failed scans. DeepSeas will attempt to retry a potentially failed scan before informing the Client.

    Deliverables

    VULNERABILITY IDENTIFICATION 

    Vulnerability Identification comprises i) vulnerability scan management; and ii) vulnerability reporting and results management delivered by DeepSeas and leveraging commercially available scanning tools.  

    1. Vulnerability Scanning: Our solution includes vulnerability scanning of the Client’s internal “active”, Internet Protocol (IP) addresses. Scans of internal and cloud-based IPs are conducted from one or more Scan Appliances within your network or data center. Included in Vulnerability Scanning are the following components: 
      1. Manage/update scan profiles and scan schedules
      2. Launch and verify the execution of IVM, on-demand, and policy compliance scans
      3. Review scan results and generate reports
      4. Troubleshoot any detected problems with scans
    2. Vulnerability Reporting: After vulnerability scans are executed, the next step is to review and analyze the scan results, in the form of various vulnerability reports. Included in Vulnerability Reporting are the following components: 
      1. Review scan results/reports
      2. Troubleshoot any detected problems with scan reports/report templates
      3. Prepare and deliver monthly reports/dashboards

    Service Assumptions

    • Assets can be accessed via a shared local area network in a centralized way. 
    • The Client already has an infrastructure with enough capacity to host the virtual machines necessary for scanning activities. 
    • Virtual scanner machines should be able to access an average of one thousand (1000) assets. If performance or latency issues are found due to network configuration or assets that exceed the established threshold recommended by the scanning vendor, additional sensors and service fees may be required.
    • The Client will permit VPN traffic through firewalls for the management of scanner virtual machines. 
    • The Client will be responsible for updating both the operating system and application of the scanner's virtual machines. 
    • The Client will be responsible for deploying the provided .ova files to ensure that the machines can address the target assets. 
    • The Client network team oversees managing the accessibility of target assets to the virtual machines. 
    • The Client will provide suitable virtual or physical machines to operate Tenable Network scanners. 
    • The Client will be responsible for administering, maintaining, and patching the virtual machines that run the Network scanners.