CompuData - Accounting Software and Business Solutions SAGE MAS 90, MAS 200, MAS 500, JOBOPS, SAGE SALESLOGIX CRM & SAGE ABRA SOFTWARE BUSINESS SOLUTIONS LEADER – FOR PHILADELPHIA, PA, CHARLOTTE, NC & LOS ANGELES, CA


Hackers for Hire
Detecting Vulnerabilities before a Hacker Does

In 1999, hackers struck the U.S. Information Agency's (USIA) Web site. Although knowledgeable about this type of security breach, USIA officials were caught by surprise. Heightened security measures had failed to prevent the attack. The reaction of USIA personnel was typical of the thousands of organizations that find themselves victimized by cyber vandals every year: they hired consultants to uncover the vulnerabilities that made the attack possible, and spent weeks fixing the mess the hackers created.

Corporate assets continue to be at risk as computer networks grow more complicated to maintain. At the same time, hacking tools have become simpler to use and more accessible to an increasing number of people around the world. As a result, more viruses, worms, trojans and other attack methods are finding their way into corporate and private networks, costing millions of dollars in downtime, repairs and diverted IT resources.

On October 15th, 2001, the Computer Emergency Response Team (CERT) reported that the number of “security incidents” filed at its coordination center at Carnegie Mellon University was on a pace to at least double the number reported in the year 2000. CERT defines an incident as “an attempt, either failed or successful, to gain unauthorized access to a system or its data.” Each such attempt represents a potential threat to corporate system data integrity, service availability, information confidentiality, or all three.

Even proven security technologies can lose effectiveness over time. This is largely because changes in a network's configuration can open the door to new security hazards. For example, firewalls are secure only if they block all traffic at your network’s perimeter. Web hosting, e-mail and a number of other services might require your firewall to allow some traffic into your protected network. When this happens, the security of the hosts receiving the traffic becomes critical. If hackers can “poison” the traffic that is allowed through to one of these hosts, then they can take control of that host and punch a hole right through your firewall!

Intrusion Detection Systems (IDS) that would normally alert you when a hacker initiates an attack against your enterprise can be circumvented if the traffic looks legitimate. Furthermore, an IDS only lets you know that an attack is underway; it doesn’t tell you whether your network and its hosts are vulnerable. This is like a general knowing that his troops are under attack, but not knowing where they are or how they’ll hold up against the onslaught. To win the war against the hackers, IT managers need to know how their firewalls, IDS, and other security components fit together to form the front where the battle occurs.

Vulnerability Assessment
CompuData is now offering a new service. Unlike intrusion detection, which alerts you when someone is hacking in or has already hacked in, vulnerability assessment identifies weaknesses in your security perimeter before a breach takes place. Using a controlled application of tests for vulnerability to known attacks, the assessment is initiated externally from a “hacker’s-eye view,” looking in at the target network. In this way we can mimic the perspective of a hacker, auditing a network at its perimeter, revealing its vulnerabilities, and recommending courses of action to protect your network.

But security threats are not discrete events. Internet security is like a runaway arms race. Each increasingly lethal weapon is quickly made obsolete by an improved defense. Each defensive technique is quickly made obsolete by a more powerful weapon. There is no end to this pattern of escalation, just an unrelenting cycle of threat and defense.

Only frequent and actively managed vulnerability assessment offers intelligence about an organization’s potential vulnerabilities, for the simple reason that only early vulnerability detection against the newest threats makes correction possible before damaging network attacks have taken place.

How often should I test?
CompuData is offering a range of Vulnerability Assessment services to its clients. We offer a one-time vulnerability assessment, which includes a scan, an assessment report of our findings, and recommendations for addressing any vulnerability. Although this can help you judge and rectify your existing Internet vulnerabilities, new threats are coming out every day. If you are a smaller organization, a monthly scan should suffice. Larger organizations may want to schedule scans on a weekly basis. Our Premium Vulnerability Assessment Service includes 12 scans with assessment and recommendation reports, all initiated by CompuData, and also allows customers to schedule and run their own scans as often as they like.

Vulnerability assessment pricing is determined by how many IP addresses need to be scanned. An IP address can be a Web Server, an E-mail Server, a Citrix server, or any system that offers external access.

To schedule your Vulnerability Assessment, call CompuData at 800-223-3282.
