Why once the remediation is done do we continue to use the box?
The box performs continuous scans at user-programmed intervals. The audit is permanent. 40 vulnerabilities are identified per day. It is therefore highly likely that, once the remediations have been carried out, a vulnerability will appear on one of the network's devices. If this happens, you'll be warned; otherwise, we're back to the same pitfall as the one-off audit, which may be obsolete once it's been carried out, as cybercrime is constantly evolving.
Other questions on the same theme :
- I already have an antivirus, why do I need the ProHacktive solution?
- Will you block viruses on my network with your solution?
- What is/are the impact(s) of the ProHacktive solution on my network?
- You say it's simple but I don't know anything about computers, how do I set it up?
- If ProHacktive collects all customer vulnerabilities, won't you become a point of interest for hackers (aka Single Point Failure)?
- I didn't understand anything about the ProHacktive solution, can you summarize it simply?
- How is the overall ProHacktive security score calculated? (aka weakest link principle)
- How are we notified that an IS breach has occurred?
- What types of scans are available in the advanced settings of the interface?
- Since the box communicates with the outside world, how can I be sure that nothing will compromise it?
- What sources and databases do we use to qualify vulnerabilities?
- What are the audit modules developed?
- What is the consumption level of the flow?
- How to exclude machines from the scan?
- Which hosts are used by the box?
- What are the fixed IPs of our infrastructure?
- Which technology is integrated in the box?
- What does my box "sniff" or detect?
- What is the discovery path taken by the box?
- Why do I have false positives?
- Can I use my box on all my remote sites?
- Is it possible to scan business applications? Like an in-house developed tool
- How does Sherlock behave with VLANs (Virtual Local Area Network)?
- What is the scoring process you use to assess vulnerabilities?
- Can we exclude IPs or subnets from the audit?