April 24, 2002 — (WEB HOST INDUSTRY REVIEW) — Communications service provider BT Ignite (ignite.com) announced on Wednesday that it has launched an online vulnerability assessment service, the BT Ignite Internet Vulnerability Scanner, designed to evaluate the security of Internet-facing Web, mail and application servers.
The scanner, says BT Ignite, enables companies to identify weaknesses on their networks and application servers, in real time, before they are discovered and exploited by hackers.
BT Ignite says its scanner emulates a real hacker by probing the customer?s network from the outside, looking for security holes, and often revealing vulnerabilities in systems that the companies operating them were not aware of. According to BT Ignite, this outside picture provides customers with a real world view of their Internet presence by allowing them to see the exact same picture and vulnerabilities as a hacker.
Traditional monthly penetration testing, says BT Ignite can leave networks exposed to newly discovered vulnerabilities for weeks. The Internet Vulnerability Scanner can help to minimize this risk by running comprehensive security audits on a weekly or daily basis. It can also provide on-demand testing, allowing users to check the effectiveness of applied patches and fixes.
“A serious security breach not only disrupts business continuity,? says Kevin O’Shea, head of product development, BT Ignite Content Hosting, ?but can cause significant financial loss. The advantage of using the BT Ignite Internet Vulnerability Scanner is that companies can test their networks in a cost-effective manner and as often as they wish, each time highlighting potential risks. This helps them identify and patch potential security problems quickly and efficiently, significantly reducing the chance of a major security breach occurring and protecting the integrity of their Web based business.”
Powered by security technology from intrusion detection company Qualys Inc. (qualys.com), the BT Ignite Internet Vulnerability Scanner already checks for more than 1,400 vulnerabilities, updating its database daily. The service uses graphical mapping of the IP domain to identify Internet facing hosts or servers and describe their roles, enabling authentication of server addresses and services to ensure that they are not visible from the Internet.
End users, says BT Ignite, are able to access the service through any Web browser, using SSL to ensure the confidentiality of the reports. The reports provide a global view of the security level of all IP addresses scanned, listing detected risks and calculating their severity on a scale of one to five. The service also provides a description of each vulnerability, its potential consequences and recommended solutions and links to software patches.
