Vulnerability Scanning with RapidSpike
The latest addition to the ever growing Security Monitoring tools from RapidSpike is the ability to perform Vulnerability Scans of your external facing servers and web applications.
Cyber Security is a massive area of concern for every website or web application owner and ensuring that your applications and servers are free from vulnerabilities is critical in ensuring the ongoing availability of your service.
Internet-based hackers exploit these vulnerabilities in the same way a physical burglar would open an unlocked door. Ensure that you fix these issues before you become the next organisation to suffer a breach.
The RapidSpike Vulnerability Scanner currently performs network-level scans against your servers and also Web Application scans against your websites.
Vulnerability Scanning is currently available as an add-on for all paid plans within RapidSpike. Simply sign up for an account and you can then purchase credits to run as many scans as you need. More details can be found on the Pricing Page.
What is Vulnerability Scanning?
Vulnerability Scanning is the act of assessing your servers and websites for any known software or configuration vulnerabilities.
Performing Vulnerability Scanning has become a critical security component for anybody with a public facing website or server.
Vulnerability Scanning provides you with details of any identified vulnerabilities along with remediation advice on how to fix the vulnerabilities.
How does Vulnerability Scanning work?
The RapidSpike Vulnerability Scanner is a blended solution of best of breed tools all involved in mapping and identifying security vulnerabilities.
The Vulnerability Scanner checks for thousands of known software and configuration vulnerabilities for all major software products and operating systems. The system is automatically updated daily as well as automatically when any major vulnerabilities are identified.
How to setup Vulnerability Scanning
You can set up a Vulnerability Scan either by using the generic Add wizard in the top menu bar or by selecting the server or website and following the steps from the Security > Network Scan or Web App Scan. With each option, the wizard takes you through the configuration required.
Once you have configured the targets for your scan, you have the option to either run the scan now or to schedule the scan to run daily, weekly, monthly, quarterly or annually.
Scans will only run if you have purchased credits – each scan takes a single credit.
Receiving Vulnerability Scanning Alerts
In its default state, the Vulnerability Scans you have configured will run and not provide any alerts regarding the findings. You can however, configure alerts for the scans you have configured.
Navigate to the Alerts Section and then you will find Vulnerability Scanner Rules under Security.
You can see from the above that no rules have been enabled for the above scan. Clicking Add New Rule will allow you to add a rule.
You can now add a rule that works with our existing alerting methods to provide you with an alert if a vulnerability is identified with a severity of your choice.