Vulnerability Scanning Service

Vulnerability Scanning Service (VSS) helps to guard customer systems and network infrastructure against emerging threats. While VSS searches for security holes, flaws, and exploits on agency systems, networks and applications, it tests for vulnerabilities by comparing scanned information to data contained in a database, which is updated as new threats are discovered. VSS can simulate a real intrusion in a controlled environment to gauge a network’s susceptibility to attacks. The service performs external scans by remotely probing a network for vulnerabilities that generally come from the outside, and internal scans that detect flaws originating from inside the network.

• Dedicated VSS Infrastructure. Verizon VSS is driven by leading VSS scanning software and technology that carries out 2 million vulnerability scans per month worldwide. Verizon improves this service and technology by offering a dedicated VSS infrastructure, hosted and operated from secure Verizon facilities. Verizon understands the importance of incorporating VSS analysis in a comprehensive, end-to-end security architecture that includes:
  • Global Deployment. Carries out scans on geographically distributed and segmented networks, both at the perimeter and behind the firewall using a vast IP network.
  • Lower Total Cost of Ownership. On demand technology offers significant economic advantages with no capital expenditures, extra human resources or infrastructure to deploy and manage.
  • Extremely Accurate and Current. Verizon has the largest inventory of vulnerability signatures in the industry (4,500+), and performs over 2 million scans per month with a 99.997 percent accuracy rate.
  • Scalability. Deploys and expands using distributed scanning and on demand architecture using a vast IP network footprint.
  • Strong Security Model. Protects in transit and in storage data using HTTPS and AES encryption.

• On-Demand Scanning. Verizon VSS solution provides customers with an on-demand online tool accessible from any Web browser. This plays a vital role in network security and compliance management. It can scale instantly as a customer’s network grows, enables distributed scanning for all locations, delivers immediate updates for new threats and provides high accuracy of scans.
• The Core: Verizon Signature Database. The core of the VSS technology is the Verizon Signature Database, which contains the data that powers vulnerability management. The database is automatically updated daily with signatures for new vulnerabilities, validated patches, fixes for false positives, and other data, so that its effectiveness is constantly improved. The database resides inside Verizon Secure Operations Centers, providing secure storage and processing of vulnerability data on an “n-tiered” architecture of load-balanced application servers.
• Scanning. Remote scanners conduct perimeter scanning by building an inventory of protocols found on each machine being audited. After discovering the protocols, the scanner detects which ports are attached to services, such as Web servers, databases and e-mail servers. At that point, the scanners initiate an inference-based analysis of vulnerabilities that could actually be present (due to operating system and configurations) to quickly identify true threats and minimize false positives.