Vulnerability Scanning

Key Solution Features

BT's MVS establishes and maintains an asset inventory, and identifies the most critical vulnerabilities impacting customers' ability to protect those assets. BT provides specific recommendations on patch maintenance for the top twenty to thirty high-impact vulnerabilities that have been identified.

Both internal and external scans are provided in weekly and monthly intervals -- customized for an entire address range or only the devices being monitored or managed. MVS includes an on-site device for internal scans complemented by external scanners located at BT's Security Operations Centers (SOCs). After establishing a base trend-line for a customer network, BT generates ongoing recommendations based on its best-in-class vulnerability database.

The BT Advantages

• SERVICE AVAILABILITY: 24x7x365 availability for service scheduling options.
• FLEXIBLE DEPLOYMENT OPTIONS:
  • Weekly, monthly, and ad hoc service options.
  • Address-specific or address-range coverage options.
  • Internal and external scanning options.
  • Conditional start-stop time bounds.
  • Customized alert and escalation.
  • Trending of vendor and security vulnerabilities.
  • Web Portal access to reports, stored up to six months online.
• INSTALLATION: Internal MVS is deployed inside the customer network in parallel with BT's Sentry device. External MVS is undertaken from a BT SOC.
• CORE VULNERABILITY ENGINE: MVS is built on a core vulnerability-scanning engine provided by The Nessus Project, an open source program customized by BT and equipped with approximately 2,200 separate scans.
• SMART SERVICE RECOGNITION: MVS scans target hosts outside the standard IANA assigned port numbers, such as an FTP server running on a non-standard port (e.g., 31337) or a Web server running on port 8080.
• MULTIPLE SERVICES: MVS scans multiple Web servers running on a single host, such as one on port 80 and another on port 8080.

back to Vulnerability Scanning