¶ Introduction
In today's digital landscape, where cyberthreats continue to evolve and grow in sophistication, maintaining a robust security posture is critical for both MSPs (Managed Service Providers) and their SMB/mid-market customers. Vulnerability assessment plays a pivotal role in identifying and addressing potential weaknesses within IT infrastructures. Exium's Autonomous Vulnerability Assessment offers a comprehensive solution designed to empower MSPs and their clients to proactively identify and mitigate vulnerabilities, thereby bolstering their overall security posture.
¶ Comprehensive Vulnerability Detection and Assessment
Exium's Autonomous Vulnerability Assessment offers a single, intuitive interface to detect, assess, and remediate vulnerabilities across your client's IT infrastructure. The solution supports both agent-based and agentless vulnerability assessment approaches, providing a holistic view of your client's security posture.
¶ Agent-based Vulnerability Assessment
The agent-based approach allows for in-depth vulnerability detection and assessment on devices where an agent can be deployed, such as desktops, laptops, and servers. This method provides granular insights into the vulnerabilities present on these devices, enabling targeted remediation efforts.
¶ Agentless Network-based Vulnerability Assessment
Exium's Autonomous Vulnerability Assessment also includes a network-based, agentless vulnerability assessment capability. This complements the agent-based approach by identifying vulnerabilities in devices where an agent cannot be deployed, such as IoT/OT devices, WiFi access points, network devices (routers, switches, firewalls), and other network infrastructure components. This comprehensive approach ensures that your clients' entire IT ecosystem is thoroughly assessed for potential security risks.
¶ Streamlined Vulnerability Management
Exium's Autonomous Vulnerability Assessment provides a centralized platform for MSPs to manage vulnerabilities across their client base. The solution offers a user-friendly dashboard that consolidates vulnerability data, prioritizes risks, and provides clear remediation guidance. This streamlined approach empowers MSPs to efficiently address vulnerabilities and strengthen their clients' overall security posture.
¶ Benefits for MSPs and SMB/Mid-market Customers
Exium's Autonomous Vulnerability Assessment delivers several key benefits for MSPs and their SMB/mid-market customers:
|
Item |
Benefits for MSPs and SMB/Mid-market Customers |
|---|---|
| 1 |
Comprehensive Coverage
|
| 2 |
Efficient Vulnerability Management
|
| 3 |
Enhanced Compliance
|
| 4 |
Increased Competitive Advantage
|
| 5 |
Reduced Operational Costs
|
¶ Unlocking Agent-based Vulnerability Assessment
Note that for the Agent-based Vulnerability Assessment, you need to have the Exium SASE/ XDR agent (same unified agent) installed on the endpoints such as computers, servers, and virtual machines etc. To view the results of Agent-based Vulnerability Assessment, checkout the article Agent Based Vulnerability Assessment.
¶ Unlocking Agentless Vulnerability Assessment (VAS360)
Unlocking the power of VAS360 is as easy as accessing your central management console directly from within your Exium portal. Simply follow the steps below.
Agentless VAS360 requires that you have Exium cyber gateway deployed at the site where you like to discover vulnerabilities. VAS360 performs vulnerability assessment for all network connected devices on the site including computers, servers, printers, VoIP phones, security cameras and more.
¶ Step 1: Get your Login credentials
- Navigate to the MSP admin console → Companies → Click on Company name (or directly go to the Customer/ Client Workspace Sign In)
- Click on “XDR” in the left menu bar → Login → copy the password from the “Vulnerability Mgmt” line
¶ Step 2: Login to the VAS360 console
- Click on “XDR” in the left menu bar → “Vulnerability Management”
- Login with the username as your workspace name and the password from the previous step
¶ Step 3: Access the VAS360 console
- Vulnerability Management UI will launch, continue with the next steps below
¶ Step 4: Checkout Scan Results and Discover Vulnerabilities
- Click on scans → Results as shown in the screen shot below
- Click on the Vulnerability name to see more details
¶ Configuring an Agentless Vulnerability Scan
The following steps have to be executed to configure a simple scan:
- Creating a target
- Creating a task
- Running the task
Exium's platform automatically schedules and performs Vulnerability scans for the sites where you deploy Exium cyber gateway. However, for scanning public facing resources (for example, public IPs and public domain names), you can configure and schedule as many scans as you like by following the steps in this section.
¶ Creating a new target
The first step is to define a scan target as follows:
- Select Configuration > Targets in the menu bar.
- Create a new target by clicking new
- Define the target (see screenshot below).
- Click Save.
The IP address or the host name is required. When entering manually the following options are available:
- Single IP address, e.g., 192.168.15.5
- Host name, e.g., web.example.com
- IPv4 address range in long format, e.g., 192.168.15.5-192.168.15.27
- IPv4 address range in short format, e.g., 192.168.55.5-27
- IPv4 address range in CIDR notation, e.g., 192.168.15.0/24 (maximum subnet mask is /20 by default, if no other hosts are part of the configuration)
By default, the subnet mask in the CIDR notation is restricted to a maximum of 20 for IPv4 and 116 for IPv6.
¶ Creating a Task
A task can be created as follows:
- Select Scans > Tasks in the menu bar.
- Define the task by clicking on New as shown in the screenshot below
- Select the target created in the previous step or any other previously created target
- Click Save
¶ Starting the Task
In the row of the newly created task, click the start button as shown in the screenshot below. This will queue the task for execution. In most cases, the task execution will start within a few minutes. The scans can last from several hours based on the number of hosts configured in the scan target. Once the scan is finished, you can come back and check the scan results.
¶ Conclusion
Exium's Autonomous Vulnerability Assessment offers a comprehensive and adaptive solution tailored to the needs of MSPs and their SMB/mid-market clients. By leveraging both agent-based and agentless assessment methods, Exium enables proactive risk management, enhances security posture, and helps organizations stay resilient against evolving cyber threats. With Exium, MSPs can deliver superior security services, instilling confidence in their clients and strengthening their partnerships for long-term success in an increasingly digital world.
For expert guidance on implementing SASE, XDR, IAM, and GRC for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration. If you are ready to get started, check out our testing and onboarding process.