The digital watchguard
Details on the solution
A regular assessment of the IT environment from the perspective of potential attackers is vital
The Digital Watchguard offers continuous vulnerability monitoring and early vulnerability warning. We thereby examine the respective IT environment from the perspective of potential attackers at defined intervals (weekly, monthly or every quarter).
The monitoring may include various types of systems and applications, e.g.:
- VPN gateways
- Web server
- Mail server
- Domain name server
- Anti-virus protection / spam gateways
- Web applications
The core of the solution is the combination of tools used by attackers and the manual analysis by our security experts.
The Digital Watchguard combines software tools (the same tools that are used by attackers) with the expertise of our auditors who manually analyse and evaluate the results of the respective monitoring scan.
Your "digital finger print" is the basis of a daily early vulnerability warning for threats relevant to you.
We create a "digital finger print" of your IT systems via the initial monitoring scan. All CPE-IDs (Common Platform Enumeration) of your software products which are exposed to the internet are thereby identified. A CPE-ID is an identification feature which is unique to each software product and contains the current version status. Publicly known security vulnerabilities, on the other hand, are identified through a CVE-ID (Common Vulnerabilities and Exposures). The Digital Watchguard carries out daily checks to determine if the CPEs defined for your IT environment have been assigned new CVEs. If new security threats emerge we are able to provide you with an instant early warning message without having to re-scan your IT environment again each time.
The Digital Watchguard monitors various aspects of exposed IT systems.
Type and scope of systems / services, e.g.:
- changes to the system landscape
- changes to the version or patch level status
- optional: overview on all your web applications accessible on the internet (website galery)
Security aspects of services and applications, e.g.:
- existing generic and specific vulnerabilities (e.g. Heartbleed, Shellshock, Poodle)
- unsecured vulnerabilities
- use of standard access data
- insecure transmission encryption
Our experts will assess and evaluate any potential vulnerabilities and draw up a proposal of measures for you.
An action-based results report helps to gain a quick overview and simplifies work.
As a result, you regularly (weekly, monthly or each quarter depending on the defined interval) receive an action-based report, containing particularly the following:
- identified security vulnerabilities and precise remediation advice
changes in the IT environment compared to previous asessments (e.g. additional systems and services)
security vulnerabilities that were identified in previous assessments but have not yet been remedied.
Alerts of our early warning system are of course issued to you instantly, as soon as a security threat that is relevant to your IT environment emerges.
Please note: As the Digital Watchguard is also deployed on an enterprise level, all results of this service are issued in English.
The Digital Watchguard monitoring service may be extended by different modules.
Inclusion of external factors, e.g.
- black listing of mail servers and IP addresses
- changes to DNS entries
- Distribution of malware through web applications
- Manual in-depth analysis of particularly critical web applications and system areas