Networking is always facing new challenges and threats and it becomes more and more vital to manage the safest and most accurate tools to provide all the security needed.
As a part of our extensive services, ZEVENET has developed a system to achieve these goals. Let us introduce you to:
VULS applied to ZEVENET
Vuls is an agentless open-code vulnerability scanner, which ZEVENET is employing to automate the first steps and phases of the vulnerabilities analysis regarding the previously installed software.
This tool exploits several vulnerabilities databases such as: NVD (National Vulnerability Database). That’s the US Government cybersecurity vulnerabilities deposit publicly displayed, which has a vulnerability ID (CVE – Common Vulnerabilities and Exposures), resumes, and impact analysis, and it is available for a machine-readable format. OVAL database for Debian. Open Vulnerability and Assessment Language is an open language used to send verifications to determine if there are any software vulnerabilities on a specific system. Debian Security Bug Tracker, which compiles all the information about the solutions and packages distributed with Debian.
We need to highlight that this system generates a report warning about the failure and the solution or correction to it.
Here’s a diagram explaining all the process:
1 – Daily, a check process is launched, downloading the known vulnerabilities from the databases already mentioned (Debian, OVAL, and NVD). 2 – Once detected, the vulnerabilities are analyzed within a ZEVENET Balancer and we work on its resolution. 3 – When it’s solved, the vulnerability becomes integrated as a ZEVENET package that is uploaded to our official repositories and applied to all our systems. 4 – We also check our customer’s Application Delivery Controllers (while having active subscriptions) to detect any updates and hotfixes needed and pending for apply, so we manage and solve the vulnerability and they are as protected as us in less than 24 hours.
Check some examples in our Timeline, like these ones published recently: