Contact Cyber Defence

Vulnerability Management: Eliminate Vulnerabilities

They appear again and again - and they are mercilessly exploited: security holes in the IT infrastructure through which cyber criminals slip into the heart of a company. With dramatic consequences if commands are executed without authentication and administrative rights are abused. KRITIS companies are obliged to manage vulnerabilities. The DSGVO also expects implemented vulnerability management, which is even a prerequisite for ISO 27001 certification. Suppliers of software and hardware fight against security risks by continuously offering security updates for their products. But patch management alone is not enough. Professional vulnerability management goes a big step further. 

Automated scanning - incl. daily CVEs feeds

Managed VAS (Vulnerability Assessment Service) keeps vulnerabilities in your infrastructure under control by detecting them immediately through systematic scanning. We will discuss with you the frequency for this and which of your system groups will be scanned and when. This "Scheduled Scanning Task" then runs automatically, taking into account CVEs (Common Vulnerabilities and Exposures) that are updated daily, so that the scans can immediately identify even the latest cyber risks.

  • systematic detection of gaps (e.g. patch & update management, service configuration, etc.)
  • regular scans at pre-defined intervals
  • review of compliance requirements
  • regular reports for management or auditors
  • alerting the customer according to pre-defined criteria
  • automation with other Managed Services

Fully managed at dacoso NOC/SOC 

We take over the entire operation of vulnerability management for you in our own NOC/SOC, which has been certified by the BSI (ISO 27001 certificate based on basic IT protection) and meets the highest security requirements. From there, our network and security experts manage the administration of vulnerability analysis and, if necessary, control the immediate escalation of risks. As our client, you receive regular reports from us as well as recommendations for action with which you can further strengthen the cyber resilience of your company.