Bithex SecureWerk™ Internal, Vulnerability Scanning Internal Networks
Bithex SecureWerk Internal is a service incorporating a security vulnerability scanner on the customer’s internal network for daily scanning and periodic penetration testing and security assessments of most critical network systems. The service is operated by Bithex personell with support and consultation on nature of vulnerabilities discovered, important changes needed and amendments.
Vulnerability management
For companies operating an information security management system (ISMS) Bithex SecureWerk Internal can be used to manage the total set of known technical security issues in the company’s networked IT assets. The status of information security is monitored and tested on a regular basis. Bithex SecureWerk users can execute security and vulnerability scanning on all critical systems to analyze and classify found issues and estimate probability of security incidents.
At any time, the user can open a list of detected vulnerabilities in all network equipment, ordered by risk level and importance. The user can label false positives and put an estimated on the probability of security incidents associated with each issue.
What’s Included in Bithex SecureWerk Internal?
- Installation and configuration of Bithex SecureWerk as a virtual machine on the customer’s premises (VMware®).
- Full access and use of Bithex SecureWerk web based interface.
- All upgrades and enhancements to Bithex SecureWerk included. Upgrades are usually done annually
- Automated network discovery to identify network equipment. Can be updated any time.
- Daily vulnerability scans for newest vulnerabilities for unlimited number of systems.
- Weekly and Monthly full vulnerability scans for unlimited number of systems.
- Vulnerability scanning for missing security patches in all the most common operating systems (requires user access to systems).
- Vulnerability scanner is updated for newest vulnerabilities daily.
- Vulnerability scans that fulfill PCI DSS requirements of the payment card industry for regular security scans.
- Annual status reports and meetings with customer to analyze and display the overall IT security status.
- Vulnerability management, assessment on probability of security incidents.
- Risk classification of issues according to Bithex risk classification and CVSS. The user may label false positives and changes risk levels.
- Unlimited number of Bithex SecureWerk user accounts included.
- Unlimited number of systems to scan an monitor on customer’s network.
- Support through phone and email on usage, reports, vulnerability management and issue fixing. Service intended for all registered systems.
Price
Bithex SecureWerk Internal comes with a flat annual fee. Please contact us for more information and price quotes.
Bithex SecureWerk™ Internal and Information Security Standards
Bithex SecureWerk Internal fulfills requirement in the PCI DSS security standard of the payment card industry on quarterly internal vulnerability scans and more. Companies which have implemented Information Security Management Systems can use Bithex SecureWerk to comply with many aspects of standards such as ISO/IEC 27001:2007. Bithex SecureWerk can be used to implement such controls as risk assessment, probability of security incidents, network controls, security in network services and more.
Information security managment system (ISMS) implementations may vary between companies, but in general, Bithex SecureWerk can be used for controls such as ISO/IEC 27001:2007 s.s. A.10.4.1, A.10.6.1, A.10.6.2, A.10.10.5, A.11.1.1, A.11.4.6, A.11.6.1, A.11.6.2, A.12.5.4, A.12.6.1, A.13.1.2, A.14.1.2, A.15.2.1.