All.Net

Recent Talks	Training/Awareness	Overview	Auditing
Red Teaming	Consulting	Home Page	Contact Us

You've decided to use a scanning service to search for vulnerabilities in your networks... The question is... which one?	All of the good scanners check for hundreds of known vulnerabilities, (we scan for more than 500) all of them can scan for which IP addresses are accessible from the Internet, and all of them are capable of generating prodigious reports of what the average outsider can do to attack your network.
All of the scanning products are about the same, but the services are quite different!	Some services offer detailed reports, some offer convenience, some use more than one scanner product, some have their own scanning software, some offer low prices, some offer a big name, and the list goes on and on.
What sets NetScan service apart?	Three things make NetScan service unique: - Our experience and expertise - The way we work with your team - The value we add to scans

Our Experience and Expertise:

Our experts average more than 10 years of information security expertise and our founder has more than 20 years of network security experience. We have worked the information protection issue since the beginning of the ArpaNet - the forerunner of today's Internet.

In 1995, we founded one of the first Internet security testing services, and our tests were run by more than 1,000 different Internet sites in our first year of testing. We migrated our Internet testing service into our special services group for our key clients because we found that off-the-shelf scans had to be supplemented with expert analysis to meet our clients' needs.

We took the road less traveled ... and that made all the difference.

Our experience and professional performance are unmatched in the industry, and today, we provide the most sophisticated testing service available without doing a full red-team process. (We also do full-scale red-teaming, but that's another story).

The way we work with your team:

The truth is, no large company can afford to fix every vulnerability in every system they have, and even if they could, the risk almost never justifies that level of effort.

Our job is not to make your experts look bad. It is to help them do better.

When you use NetScan services, you get more than just a vulnerability scan. You get a partner who works with your people to help them do a better job of protecting your network to the appropriate level for your needs. That means helping them understand the risks associated with vulnerabilities and helping you make prudent risk management decisions.

The value we add to your scans:

Listings of hundreds of test results with ratings and rankings may look very impressive, but they don't help most defenders do a better job. They don't lead to more effective protection, they don't produce better incident detection, and they don't improve incident response.

NetScan service goes a step beyond other services by analyzing your situation and relating the results of scans to your computing environment. When appropriate, we also devise special purpose demonstrations in conjunction with your staff so that they can understand risks that off-the-shelf scanners simply cannot tell them about. For example, if it's appropriate to your needs:

We can demonstrate the weaknesses that allow email viruses to enter and spread through your site and help find a cost effective solution.
We can verify that only the computers authorized to have special access actually have that access by controlling the source of attacks, not just their destinations.
We can help you figure out how to schedule improvements so that more important things are fixed before less important ones.

Sometimes, what you don't get is more important than what you do get.

That bears repetition. Our tests are specially designed to determine whether your systems meet your security policies. That means that you get:

No false positives. We don't clutter our reports with lists of the test results that aren't important to you. We only list the vulnerabilities you care about and include explanations of what they mean to you and how you can fix them.

No false negatives. The total number of possible vulnerabilities in a network is so large that no test can cover them all. We work with you to determine what to test for and what not to test for. That way, you understand what is and is not being tested and why.
No surprises. We coordinate our tests with your security team so they don't disrupt normal operations or cause unnecessary concern.

What you do get is useful help and advice on vulnerabilities, what to do about them, and what not to do about them.

Contacting Us:
For more information, contact us.

No false positives.	We don't clutter our reports with lists of the test results that aren't important to you. We only list the vulnerabilities you care about and include explanations of what they mean to you and how you can fix them.
No false negatives.	The total number of possible vulnerabilities in a network is so large that no test can cover them all. We work with you to determine what to test for and what not to test for. That way, you understand what is and is not being tested and why.
No surprises.	We coordinate our tests with your security team so they don't disrupt normal operations or cause unnecessary concern.