How the permanent audit tool works in your infrastructure

The services

What are the issues that lead to a preventive solution?

If I have a vulnerability on my network, is it up to you to fix it?

If I am attacked tomorrow, what happens?

Where are the cases made? Do you have a label?

Why do I have to keep paying for a subscription if I have just had all the vulnerabilities in my network fixed?

Your solution seems very interesting, why has no one proposed it so far?

If I see too many vulnerabilities, won't I get lost in a pile of information to manage?

What does Sherlock do vs. other Nessus-type audit tools?

How it works

I already have an antivirus, why do I need the ProHacktive solution?

Will you block viruses on my network with your solution?

What is/are the impact(s) of the ProHacktive solution on my network?

You say it's simple but I don't know anything about computers, how do I set it up?

If ProHacktive collects all customer vulnerabilities, won't you become a point of interest for hackers (aka Single Point Failure)?

I didn't understand anything about the ProHacktive solution, can you summarize it simply?

How is the overall ProHacktive security score calculated? (aka weakest link principle)

How are we notified that an IS breach has occurred?

What types of scans are available in the advanced settings of the interface?

Since the box communicates with the outside world, how can I be sure that nothing will compromise it?

What sources and databases do we use to qualify vulnerabilities?

What are the audit modules developed?

What is the consumption level of the flow?

How to exclude machines from the scan?

Which hosts are used by the box?

What are the fixed IPs of our infrastructure?

Which technology is integrated in the box?

Why once the remediation is done do we continue to use the box?

What does my box "sniff" or detect?

What is the discovery path taken by the box?

Why do I have false positives?

Can I use my box on all my remote sites?

Is it possible to scan business applications? Like an in-house developed tool

How does Sherlock behave with VLANs (Virtual Local Area Network)?

What is the scoring process you use to assess vulnerabilities?

Can we exclude IPs or subnets from the audit?

The evolutions

Do you have a mobile application?

Are there any developments planned?

Will you develop a VM?

Is integration into a SIEM planned?

Is there a monitoring module being designed?