The USB key

You are responsible for checking the IT security of your company, however you have no time nor any mean to control the security level of your most critical services (email, databases, websites, file shares, etc)?

You are an IT consultant and you lack an effective tool addressing several logical security issues with a real risk-based approach?

In reply to these concerns, VULNIT brings an innovative, automatic and accessible solution designed to facilitate IT security testing.

Provided as a USB key, the VulnIT solution enables booting the user computer on a fully operational environment. Then, you only need to specify which target(s) to test, to get a precise and clear report listing all the vulnerabilities and the way to remediate them.

Advantages

As VulnIT has been designed with a continuous concern of efficiency and ease to use, its interface and report offer the user an immediate solution to enhance IT security.

The VulnIT solution automates a panel of critical security tests that you would otherwise run manually one by one, thus saving a substantial amount of time.

Moreover, VulnIT requires no installation, making it immediately available.

Finally, VulnIT is automatically updated via Internet during the whole license period. The integration of new tools - each of them detecting new vulnerabilities - helps extending the solution capabilities.

Functionalities

Using VulnIT is as simple as 1-2-3:

Phase 1: network discovery - Identify all the targets within the scope entered by the user (domain, IP range, etc), allowing to automatically test your whole network or part of it. - Detect all the services (email, web, database, etc) provided by these targets.

Phase 2: testing Once the user has validated the exact scope of the assessment (among the targets and services discovered previously), the testing phase begins. This step is fully automatic. The following tests are currently performed: - Patch management, - Websites (SQLi, XSS, LFI/RFI, FPD), - Database authentication (SQL Server, Oracle, etc), - File shares (Windows, FTP), - Remote access (Telnet, SSH), - Wifi, - Emailing (open relay), - Monitoring (SNMP). For more information, you may see the list of all the tests performed.

Phase 3: reporting Finally, the report is automatically generated from the test results. You may consult a report sample online.