The scanning process: how we identify known exploited vulnerabilities.
Advanced scanning is a step-up from existing capabilities, as KYND now proactively checks whether instances of your infrastructure are actually vulnerable to specific exploits.
Sending external requests to test for published exploits
Advanced scans work by sending simple requests to your organisation's network from an external source and analysing the responses. Your infrastructure's responses to these simple network requests will tell KYND whether or not each instance is vulnerable to an exploit.
It is important to note that advanced scans do not use active exploits or intrusive scanning methods. Instead, KYND uses the published exploits to actually test for vulnerabilities, rather than assuming their presence based on publicly-displayed products or versions.
This approach allows for a more accurate and efficient assessment of the organisation's cyber risks, without causing any disruption to the network or data. It also helps to identify vulnerabilities that might have been missed by other types of scans, allowing organisations to take proactive measures to mitigate the identified risks.
KYND highlights vulnerabilities that match CISA’s KEV catalog
KYND advanced scanning analyses an organisation’s network to compile a comprehensive list of services, including IP addresses, ports, products, and hostnames. It then scans these services to identify vulnerabilities, focusing on those those listed in CISA's KEV catalog. Once the scan is complete, your KYND ON & Start reports will include a summary of any detected vulnerabilities and recommended remediation steps to fix identified risks.