fast international shipping
ISO 9001/27001 Corporate certification
Manufacturer certified experts for your project-
fast international shippingISO 9001/27001 Corporate certificationManufacturer certified experts for your project
Vulnerability management is an essential part of your IT compliance. In order to ensure the security of your IT, a continuous monitoring process is necessary. The goal must be to protect the system from dangers and threats by minimising risks and preventing damage.
IT is by no means the only target of attacks. In recent years, so-called OT, operational technology, has increasingly become the focus of attention.
Just think of Stuxnet in 2010, which was developed to sabotage the Iranian nuclear programme. In 2014, there was an attack on a blast furnace in Germany. The attackers here got full control of the system and were able to damage it severely. In December 2016, there was an attack on the Ukrainian electricity grid, the power failed for 700,000 inhabitants for hours.
Unfortunately, these are no longer isolated incidents and show a clear trend. Industry and infrastructure are increasingly exposed to attacks. These are also increasingly sophisticated and well prepared. Both Industry 4.0 and the Internet of Things (IoT) are playing an increasingly important role. More and more systems are networked and accessible via the internet. But with such complex networks and structures, how can you still maintain an overview and guarantee security throughout? That is why it is important to act proactively. Before the worst happens.
Apart from the financial losses, such news and rumours spread faster than you can write a press release. This can be more serious in the long run if the impression spreads that one is vulnerable. Such a loss of confidence is difficult to eliminate.
This is where Greenbone steps in with the Greenbone Security Manager (GSM). Not only can the GSM scan and monitor IT, but also the Internet of Things and especially OT. Of course, Greenbone is aware of the challenges when it comes to monitoring and scanning OT devices. OT devices are rarely modern or new. Accordingly, they are also vulnerable. Even a simple scan, which an IT device accepts without any problems, can lead to a major problem or even failure. If production comes to a standstill as a result, then the disaster is complete.
That is why the Greenbone Security Manager offers several options for scanning. From simple passive host discovery, to an active ping, to more aggressive methods. Greenbone recommends first using a test environment with identical devices to those found in productive use. Especially with older devices, the behaviour during scans is not always predictable.
Greenbone has native support for various products used in industry:
In addition, the Greenbone Security Manager can handle several protocols, frameworks and platforms by default:
Greenbone is happy to support other protocols, frameworks and platforms on request.
In addition, Greenbone is working on an implementation to support the Achilles standard, which was developed for critical infrastructure devices. With the help of this standard, it would no longer be necessary for certified devices to find out what scan level the device can withstand. The Greenbone Security Manager would automatically select the correct scan level and use it for the device. This makes it easier to roll out and monitor your infrastructure.