Internal network scanner
While your external network is the easiest to access for hackers, and available for attack 24/7, your internal systems can also be reached with a little extra effort. For example by an email containing a malicious attachment, or link to a web page that exploits known unpatched software on an employee’s device. Similarly, unpatched software or the lack of hardening of internal systems can help an attacker move around internal systems once they’ve gained an initial foothold.
Having a well patched and hardened internal environment will help you avoid this next level of attack, and can be important for compliance with many security standards, or customer security questionnaires. It also helps further protect perimeter systems, by providing next-level information that can’t be gained from the outside.
Internal scans check for similar types of issues as our external scans, but can do so from a trusted position on the device, gathering even more data to help secure your systems.
- Common mistakes & configuration weaknesses. Even the most secure software can often be configured in an insecure way. Simple mistakes such as leaving default passwords, not enabling encryption or other security settings.
- Missing patches. Patch management is a fundamental part of keeping your digital estate secure, as missing patches can quickly be detected and exploited by attackers.
- Encryption weaknesses. It is common to find that services which are capable of secure encryption, have either not been configured, or mistakenly configured to be less secure