Vulnerability Scanning - Overview
Cloudaware Vulnerability Scanning as a Service (VSaaS) is a comprehensive, low-friction, high-value and security scanning solution. Vulnerability data is accessible directly in Cloudaware CMDB.
Supported Scan Types
Agent Based Vulnerability Scans (Default)
IP Based Network Scans (Optional)
PCI DSS (Windows, RedHat only)
OWASP Top 10 Vulnerability Scanning
Docker Image Scanning
CIS Level 1, 2 and Custom
HIPAA Windows Audit
PCI DSS (Agent and IP)
Mobile Device Discovery
Intel AMT Security Bypass
TNS Content Analysis
Scan Frequency and Scheduling
All scans are performed at least once every 7 days. Cloudaware VSaaS algorithm self selects time to scan each asset. Customers may request an on-demand scan at any time. If a scanning agent has been uninstalled or impaired, Breeze will automatically do clean uninstall, repair if necessary and reinstall the scanning agent.
Every CI in CMDB has 'Last Scan Date' field. Using CMDB reporting and workflow functionalities, customers can create reports that show unscanned machines or generate workflows to handle unscanned notifications.
Every CI in CMDB has fields indicating a number of Critical, High, Medium and Low risk vulnerabilities associated with a CI.
Vulnerability data is accessible directly in CMDB.
Customers can create workflows to handle conditions such when a new vulnerability is discovered or has been remediated.
Customers can create dashboards tracking such KPIs as scanning coverage, vulnerability age, etc.
Customers can create various reports, including such that show assets that are not getting scans and assets that have critical vulnerabilities over a certain age.
Customers can create CVE-specific reports showing assets that are vulnerable to specific vulnerability or CVE(s).
With Cloudaware CMDB reporting and dashboarding functionality, along with advanced Wave Analytics you will be able to review your KPIs (scanning coverage, vulnerability age, etc), track assets that vulnerable to specific vulnerability or CVE(s) and monitor vulnerabilities over a certain age:
Ticketing and Incident Management Integration
Cloudaware VSaaS is integratable with external systems such as ServiceNow, JIRA and PagerDuty.
Cloudaware VSaaS supports stateful ticketing integration, meaning it will not only create tickets in external systems but also update them when it detects that a vulnerability has been remediated.
List of supported objects
CloudAware Scan Server