• Greenbone Cloud Service TRIAL
  • Greenbone Enterprise TRIAL
  • Buy Here
  • Contact
  • Blog
  • Deutsch Deutsch German de
  • English English English en
Greenbone
  • Products
    • Hardware Appliances
      • Greenbone Enterprise 6500
      • Greenbone Enterprise 5400
      • Greenbone Enterprise 650
      • Greenbone Enterprise 600
      • Greenbone Enterprise 450
      • Greenbone Enterprise 400
      • Greenbone Enterprise 150
      • Greenbone Enterprise 35
    • Virtual Appliances
      • Greenbone Enterprise EXA
      • Greenbone Enterprise PETA
      • Greenbone Enterprise TERA
      • Greenbone Enterprise DECA
      • Greenbone Enterprise CENO
      • Greenbone Enterprise 25V
    • Greenbone Cloud Service
    • Technology
      • Feed Comparison
      • Product Comparison
      • Roadmap & Lifecycle
  • Cyber Resilience
    • Vulnerability Management
    • The Vulnerability Timeline
    • Cyber Defense Security
  • Customer Services
    • Technical Support
    • Pentesting Web Applications
    • Self-Learning Courses
    • Documents
  • About Greenbone
    • Contact
    • Careers
    • Media Contact
  • Search
  • Menu Menu

Open Source Vulnerability Management

Outside-in instead of inside-out

With open source vulnerability management, you are looking at your IT infrastructure from the outside – just like a potential attacker would. The aim is to locate any vulnerability that might exist in your IT infrastructure.

Stay one step ahead of attackers

IT security is a process – Open Source vulnerability management provides the foundation. Once you know where the chinks are in your armor, you can do something about them.

The process – from recognition to remedy and monitoring – represents a continuous cycle. You’ll always be one step ahead of attackers.

Still another plus: with our IT security solutions you can focus your hot spots, thus increasing the efficiency of antivirus systems, firewalls & Co.

Recognize and manage risks

Any IT system is at risk of attack by skilled hackers.

Typical causes of vulnerability are improper configuration or programming errors, unauthorized installations or violations of security measures. Our Greenbone Enterprise Appliance uncovers these and countless other risks – and helps you set priorities.

Targeted approach with Open Source Vulnerability Management

Your Greenbone solution will test your IT network and any devices connected to it for more than 150,000 vulnerabilities – automatically. You will receive a daily security status update. The vulnerability check also gives you information on the severity of the problem so that you can set priorities.

Security is a process

Remedies are part of vulnerability management. Recognition must thus lead to a process that will eliminate detected weaknesses. Any vulnerability management process should answer three questions:

  • Who gets which information about vulnerabilities and when?
  • Who is responsible for what?
  • What remedies are available?

Setting priorities

Vulnerability in an on-line Web server is riskier than in an off-line system with telephone access.
Damage to machinery used in manufacturing is usually a lot more expensive to repair than damage to a Web server used for image films.

That’s why setting priorities is so important.

A patch? Important, but no substitute for Vulnerability Management

Even carefully patched systems require careful vulnerability management. Why?

  • System interdependency frequently makes patching impossible. Possible reasons: Special enterprise-critical applications may lose certification or they may malfunction.
  • Not every type of vulnerability can be patched.
  • Improper configuration can cause vulnerability, even with up-to-date software. Some classic examples are an administrator password like “12345678” or file system shares that are exposed to the Internet by mistake.

Vulnerability Management and Greenbone – the perfect combination

The Greenbone Enterprise Feed tests IT networks as well as any connected devices for more than 150,000 different types of vulnerabilities – automatically. You’ll get a daily status of your threat level.

Learn more about the Greenbone Enterprise Feed here.
 
 

Full transparency – made in Germany

What sets us apart from other providers?

The complete scan engine and all test routines are available with source code as open source – and can therefore be audited completely.

We are proud of what we accomplish.
When can we convince you?

Frequently Asked Questions about Vulnerability Management

What does vulnerability management mean?

Vulnerability management is an IT security process that aims to find vulnerabilities in the IT infrastructure, classify their severity and, in addition, provide a list of actions to be taken to address the vulnerabilities. The goal is to eliminate vulnerabilities so that they can no longer pose a risk.

What are the advantages of vulnerability management?

999 out of 1,000 vulnerabilities have been known for more than a year. With vulnerability management, these vulnerabilities can therefore be detected and eliminated before they are exploited by an attacker. This greatly reduces the attack surface of the IT infrastructure.

Vulnerability management systems are fully automated and, through features such as schedules and custom scan configurations, offer users the ability to create complete vulnerability management processes that constantly scan for vulnerabilities. The end result is that vulnerability management ensures more resilient systems in the long term.

How does vulnerability management work?

Vulnerability management is a process in IT-security aimed at finding weaknesses in an IT-infrastructure, evaluating their severity and proposing measures to eliminate them. The goal is is ultimately to eliminate weaknesses so cyber criminals can not exploit them.

The Greenbone Enterprise Alliances as well as the Greenbone Cloud Service use the Greenbone Enterprise Feed. The feed consists of over 100.000 vulnerability tests (VTs). Simply put, there is a vulnerability test for every known weakness, able to recognize exactly that particular weakness on all active elements of a given IT-infrastructure – be it desktop-PCs, Servers, Alliances and intelligent components like routers or VoIP-devices.

The scanner runs the tests on the target network and finds existing security gaps. These are then ranked by severity, enabling prioritization of extermination-measures.

For which companies is vulnerability management suitable?

Every company derives significant benefits from the use of vulnerability management, as proactive security can be achieved.

Greenbone’ vulnerability management solutions are suitable for businesses and government agencies of all sizes. Solutions are available for both micro-enterprises, where only a few IP addresses need to be scanned, and large enterprises with many branch offices.

What are the costs of vulnerability management from Greenbone?

The price of our solution is always based on the environment to be scanned. Depending on whether you are interested in a virtual appliance, a physical appliance or our cloud solution, our solutions cost between a few euros per month to several hundred thousand euros.

How much time does vulnerability management take?

Vulnerability management is not a one-off operation, but an ongoing process that is firmly integrated into IT security. The steps from the detection to the elimination of vulnerabilities run continuously in a constant cycle.

The duration of a scan always depends on the number of systems to be scanned or IP addresses to be scanned. Vulnerability management makes sense for any size of system, but can run for several hours as a background activity depending on the complexity of the respective scan.

What are the advantages of vulnerability management from Greenbone?

With solutions from Greenbone, you receive a daily update of vulnerability tests. Since new vulnerabilities are found every day, it is important to continuously develop new tests. With the Greenbone Enterprise Feed as part of the Greenbone solutions, you are always up to date.

Another advantage is that with Greenbone solutions you directly receive a classification of vulnerabilities according to their severity as well as possible measures for remediation. This allows for prioritization and targeted remediation of the vulnerabilities.

In addition, when you choose Greenbone, you get technology from a trusted German manufacturer. All Greenbone solutions always comply 100 % with the specifications of the highest data protection standards such as the DSGVO.

What prior knowledge does vulnerability management require?

The basis of vulnerability management is general awareness of the fact that IT-systems have weaknesses and the willingness to do something about that.

Merely implementing our vulnerability management solution is comparatively easy. However, to derive meaningful advantages from it, admin-level IT-knowledge will be advantageous.

We are already using firewalls etc. Is vulnerability management still useful?

Definitely. Firewalls and most other common measures focus on attack patterns – viewing the target system from the inside out. The goal is defending against attacks that are actually occurring. For this reasons, these systems only engage once an attack is already on the way.

In comparison to this, vulnerability management views the IT-infrastructure from the outside in – just like a potential attacker. The goal here is to eliminate attack surfaces in order to stop any attacks from happening in the first place.

High grade firewall systems can occasionally detect vulnerabilities, however contrary to vulnerability management they will not propose any measures to eliminate them. Additionally, firewalls, IDS- or IPS-systems can only detect weaknesses if the system they are running on allows them to do so in the first place, and even then they will be restricted to a range of traffic correlating to the respective system security.

Traffic which does not pass through the security system will not be analyzed either. If a Greenbone solution is implemented in the network, every component that can be reached via an IP-connection can be probed for weaknesses, no matter the type of device. This, for example, also includes industrial components, robots and production plants.

A combination of firewalls etc. and vulnerability management is certainly the best solution. With the insight vulnerability management provides, the use of other systems can be focused on important hot spots.

What is the difference between patch-management and vulnerability management?

In patch-management, systems, applications and products get updated continually in order to close weaknesses.

Vulnerability management serves to find existing weaknesses, rank and prioritize them and to propose measures to eliminate them. A patch is one example of such a measure.

In this sense, patch-management presupposes vulnerability management. Patching a vulnerability only makes sense when you are aware of the vulnerability.

Additionally, most patch managers only work in IT-components but not in industrial plants or controllers for example.

Finally, patch-management systems require exhaustive and controlling admin interventions, since not every patch is necessarily sensible or uncritical for the system. New patches often bring along new vulnerabilities which the patch management system can not recognize.

Patch-management is a sensible addition to vulnerability management, since they can automate patches. Is some cases, our systems can even communicate information to the patch management system, allowing it to patch based on critical security information.

Do I need vulnerability management although I update my systems regularly?

Yes, even with regular updates and patches, it still makes sense to have a vulnerability management solution.

For example, system dependencies often prohibit going for the most recent patch. Certain critical applications could lose their certification or might even lose some functionality when upgrading to the latest patch uncritically.

Not every vulnerability receives a patch either, or even worse, some updates even introduce new vulnerabilities into the system. Without a vulnerability management system in place probing all areas of the system, these vulnerabilities often go unnoticed.

Furthermore, even in an optimally patched system, vulnerabilities can arise due to misconfiguration. A classic example would be the admin-password “12345678” or accidental file-sharing to the internet instead of the local network.

OT-components have the additional drawback of prohibiting automatic updates in the first place.

Does vulnerability management improve with continuous patching?

Yes, continuous vulnerability management combined with patch-management delivers a severely more resilient system over time.

What is the biggest challenge in vulnerability management?

The biggest challenge is the initial installation and implementation into the network. But the way our solution is designed makes it as quick and straightforward as possible. You will also receive additional support from Greenbone if needed.

Since working with a multitude of scan-plans is recommended, comprehensive asset-management is required prior to implementing vulnerability management in order to differentiate critical and non-critical assets from each other.

What are the most important prerequisites for vulnerability management?

All companies, no matter the sector, are in the focus of attackers these days. The most important prerequisite for vulnerability management is a keen awareness of this fact and a willingness of those who are responsible to put preventive measures in place.

As a customer, it is also very important for you to make an informed decision: View a demonstration of the product to see how it performs in a test-situation and chart out initial- and running costs. Further technical knowledge is not required, as the mere implementation is very easy.

Be a Moving Target – Hard to Hit

Run for cover – it’s the right reaction, even in cyberspace. But have a plan first. Vulnerability management is the answer.

You can reduce your attack surface by

99,9 %.

Tight Budget?

Vulnerability management is the smart way to go with your IT budget.
We’ll calculate it for you.


Contact us now

Set up a Process

We’ll be happy to help you set up your own vulnerability management process. It will be tailored to your systems, structures and requirements.

Contact Us Now

Test Us!

You want to test the Greenbone solution?

Test Now

Products & Solutions

  • Hardware Appliances
  • Virtual Appliances
  • Greenbone Cloud Service
  • Roadmap and Lifecycle
  • Open Source Vulnerability Management
  • Buy Here
ISO9001EN

Service & Support

  • Customer Services
  • Pentesting Web Applications
  • FAQ
  • Documents
  • Warranty
  • Test Here
ISO27001EN

About us

  • About Greenbone
  • Blog
  • License information
  • Privacy Statement
  • Terms & Conditions

Contact with us

  • Contact
  • Product Request
  • Careers
  • Partners
  • Security Response Team
  • Imprint

Community

  • Community Portal
  • Community Forum
© Copyright - Greenbone AG 2020-2023
  • LinkedIn
  • Mail
Scroll to top

This site is only using technically necessary cookies. By continuing to browse the site, you are agreeing to use this cookies.

Accept CookiesPrivacy policy

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refusing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Datenschutzerklärung
Einstellungen akzeptierenVerberge nur die Benachrichtigung
  • Deutsch
  • English