Remote vulnerability scanning has many great features that enable users to remotely assess their network just like an intruder would. The benefit of automated vulnerability scanning is that you are empowered with the ability to scan your own system from an outside source from anywhere! Scanning from an external source provides you with the ability to ensure the security of your routers, switches, firewalls and their rules, as well as ensure your intrusion detection system is working properly.

Which operating system do you find to be most secure and why?

There are no really secure out-of-the-box operating systems out there, especially if it is connected to the Internet. New vulnerabilities come out every day, even for systems that may have been secured the day before. Security is not a product, it's a process. Any operating system can be secure if you keep it up-to-date, and check for vulnerabilities on a regular basis and ensure the system's security.

From your experience, what are the top security issues your service usually discovers?

ScannerX has performed thousands of security scans and I would have to say we see a lot of web server based vulnerabilities for the IIS (Internet Information Server, Microsoft® Servers), SQL vulnerabilities and recently a lot of Apache web server vulnerabilities on the unix based web servers. There have also been a large number of SMTP related vulnerabilities.

What security problems will we see in 2003?


In 2003, we expect an increase in vulnerabilities due to the heightened awareness in security. As more companies begin to tighten down the reigns on their Internet-enabled devices (Firewalls, Intrusion Detection systems, Web and Mail servers), more holes and vulnerabilities will be found which will lead to an increased number of security related problems this year. 2003 will bring the same types of vulnerabilities as in previous years, just more of them.

What to expect from ScannerX in this business year?

ScannerX's future expansion of products and plans for growth include the following:

Managed Vulnerability Assessments: For customers who want to know what is going on with their network but do not want to manage the process themselves. The anticipated cost is $20 per month plus $5 per scan. ScannerX will ensure the customer's servers are scanned periodically and that the results are reviewed and compared to prior scans. Any significant developments or changes will be reported immediately to the customer.

Assessment Reviews and Consultations: Customers who want an explanation of the results of a scan can order a complete review and consultative session. The customer will receive the analysis and recommendation by email and as a bound hard copy delivered by next day express service. With this service, ScannerX will review the results of the scans, analyze the impact and give the customer a written summary of the risks and an explanation of how to patch the servers. The anticipated price point will be $150 for a single one-time analysis of up to 5 IPs.