Interview with Steven Dabbs, CEO & President of ScannerX
by Berislav Kucan - Monday, 3 February 2003
Steven Dabbs, CEO & President of ScannerX, has more than 15 years experience in the Internet and real estate industries. He founded an early Internet web hosting company in 1993, which he sold to Interliant, Inc. in 1998. With Interliant he worked as a Vice President of Customer Care and Business Development. He was also Vice President of a Reg. D partnership with Johnstown American, a public company. Prior to this experience he was a CPA and tax accountant with Price Waterhouse. Dabbs graduated with a Masters of Accounting from the University of Georgia in 1981.

When and with what mission was ScannerX started?

We started developing our systems in 2001 when we could not find an affordable and easily implemented vulnerability scanning solution. IT Managers and System Integrators are under a tremendous amount of pressure. They have multiple and, many times, conflicting demands on their time and financial resources. We found that these people were forced to either invest significant amounts of time and effort to build their own systems or pay substantial licensing fees to other companies. We believed that an affordable easy-to-use subscription based vulnerability scanning service would have broad appeal to people who are held accountable for securing their networks and meeting their budgets.

What are the security services your company specializes in?

ScannerX provides web-based vulnerability assessment products and services to enable security providers, security professionals, and corporate customers to automatically audit Internet-connected networks for security vulnerabilities.

From the technical perspective, how are your security audits setup?

Our security audits are completely initiated and managed through our secure web interface. Through this secure web interface a client can launch on-demand scans against a specific IP or range, or schedule a scan to run at a specific time and date, whether it's every day or week or month, etc. The client has the ability to choose from many different scan types that perform different functions like stealth scanners, denial-of-services attacks, and much more. Once a scan is finished, the customer is automatically notified via email that the scan is completed and ready for them to pickup in our easy to navigate reports directory. Our system has easy-to-read executive reports as well as detailed technical reports for the systems administrators & staff.

What are the pros and cons of automated vulnerability assessment?

Remote vulnerability scanning has many great features that enable users to remotely assess their network just like an intruder would. The benefit of automated vulnerability scanning is that you are empowered with the ability to scan your own system from an outside source from anywhere! Scanning from an external source provides you with the ability to ensure the security of your routers, switches, firewalls and their rules, as well as ensure your intrusion detection system is working properly.

Which operating system do you find to be most secure and why?

There are no really secure out-of-the-box operating systems out there, especially if it is connected to the Internet. New vulnerabilities come out every day, even for systems that may have been secured the day before. Security is not a product, it's a process. Any operating system can be secure if you keep it up-to-date, and check for vulnerabilities on a regular basis and ensure the system's security.

From your experience, what are the top security issues your service usually discovers?

Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //