I already have an antivirus, why do I need the ProHacktive solution?
ProHacktive is not a replacement for antivirus software, but a complementary tool to your antivirus software. An antivirus works like a delay mechanism.
It detects, analyzes, corrects and finally distributes this information to all its customers once the threat has been detected and corrected. ProHacktive's solution directly analyzes open services [every computer has open and/or closed doors (ports) that enable third-party applications to communicate with the outside world - for example, an open door to communicate with a printer, a software-opened door to synchronize data or obtain updates from servers, etc... - most of the time, these doors are invisible to the user - a firewall (e.g. Microsoft Defender for Windows) can be used to control the opening of these doors, but is difficult for the average person to understand] on a device, and warns the user in advance of future threats that may be detected by antivirus software. Closing the door is more radical.
-> A metaphor for the risk assessment of a house burglary (including the front door with wooden keys / 3d printing).
Other questions on the same theme :
- Will you block viruses on my network with your solution?
- What is/are the impact(s) of the ProHacktive solution on my network?
- You say it's simple but I don't know anything about computers, how do I set it up?
- If ProHacktive collects all customer vulnerabilities, won't you become a point of interest for hackers (aka Single Point Failure)?
- I didn't understand anything about the ProHacktive solution, can you summarize it simply?
- How is the overall ProHacktive security score calculated? (aka weakest link principle)
- How are we notified that an IS breach has occurred?
- What types of scans are available in the advanced settings of the interface?
- Since the box communicates with the outside world, how can I be sure that nothing will compromise it?
- What sources and databases do we use to qualify vulnerabilities?
- What are the audit modules developed?
- What is the consumption level of the flow?
- How to exclude machines from the scan?
- Which hosts are used by the box?
- What are the fixed IPs of our infrastructure?
- Which technology is integrated in the box?
- Why once the remediation is done do we continue to use the box?
- What does my box "sniff" or detect?
- What is the discovery path taken by the box?
- Why do I have false positives?
- Can I use my box on all my remote sites?
- Is it possible to scan business applications? Like an in-house developed tool
- How does Sherlock behave with VLANs (Virtual Local Area Network)?
- What is the scoring process you use to assess vulnerabilities?
- Can we exclude IPs or subnets from the audit?