We deliver rapid detection, monitoring and remediation of deep-seated vulnerabilities
within external and internal systems
Tens of thousands of endpoints, multiple networks, custom written applications, billions of lines of code and blurred lines between public and private access all have the ability to introduce unknown vulnerabilities into a network. It's these that cause the biggest risk as they can leave you with a false sense of security and an attacker with a powerful foothold into the very heart of your organization's sensitive data.
TeslaWatt’s Vulnerability Management services provide organizations with powerful capabilities to help identify unknown vulnerabilities in internal and external systems.
You have made a routine update to one of your web applications that has introduced a vulnerability. How do you know that this is the case? A regular web application layer scan will alert you to this.
Our web application scanning services provide you with a fully managed, automated service that is designed to significantly reduce the risk of an external or internal breach.
Our automated web application scanning services enable you to assess, track and remediate your web application vulnerabilities on a continual basis. While penetration testing is necessary to give you an in-depth understanding of your weaknesses, our web application scanning managed service notifies you of new vulnerabilities on a much more frequent basis.
The scanning frequency will depend on your requirements and will ensure that you are covered throughout the year in between your regular annual penetration test. Regular application reports are provided which highlight vulnerabilities that have been discovered along with recommendations on how to remediate. All identified vulnerabilities are assigned a risk rating of high, medium or low depending on the level of assessed threat.
Our Managed Security Monitoring service provides an effective means to manage and monitor vulnerability risks on a more regular basis than standard penetration testing.
Our service is intended to supplement the comprehensive penetration testing you are already receiving and consists of daily infrastructure delta scanning coupled with monthly, quarterly or ad-hoc automated vulnerability assessments.
A regular status report is provided with all identified vulnerabilities assigned a risk rating of high, medium or low depending on the level of assessed threat.
Types of scan:
How it works
Cyber-attacks won’t stop at your external perimeter, so why should your security testing?
Our internal security scanning services bring our comprehensive approach and enterprise grade scanning technologies to your networks. By becoming your internal security partner via our secure Firebase scanning appliance we can carry out assessments without needing to visit your site - improving both responsiveness and efficiency. As part of any internal scanning service, you are assigned a Technical Account Manager (TAM) to oversee your tailored scanning program.
We build your service to meet your requirements:
Your TAM will assist in building a regular scanning schedule, as well as responding to ad-hoc needs such as after a significant change. This helps you to follow best practice in security testing and standards such as PCI DSS and GCSx CoCo.
How it works
Distributed Denial of Service (DDoS) attacks are capable of bringing all communication to and from their targets to a grinding halt, with a potentially devastating effect on revenue and reputation.
Our DDoS Assured Services
With our DDoS Assured services you don't have to wait until you are actually attacked to find out how your defenses or team would react.
DDoS Fire Drill
Any company that has to comply with the PCI Data Security Standards has to perform quarterly external vulnerability scans (performed by an Approved Scanning Vendor (ASV) as designated and certified by the PCI SSC) as outlined by requirement 11.2: Run internal and external network vulnerability scans at least quarterly and after any significant change in the network (such as new system component installations, changes in network topology, firewall rule modifications, product upgrades).
TeslaWatt prides itself on its consultant-led ASV service. Scrutiny of the ASV requirements outline that an automated approach to ASV services is unfeasible, so we have invested in a consultant-led offering and managed service to provide the customer with a business led approach to achieve compliance. ASV scans are performed by a dedicated team of security consultants as opposed to many of our competitors who run this as a cheap automated service. Our consultants will help identify the real vulnerabilities in your external infrastructure and our common sense based approach to false positive management and compensating controls wins us constant praise from our existing ASV clients. User Driven Vulnerability Scanning xstormlive is a highly secure, centrally managed vulnerability scanning service hosted on a global network of TeslaWatt data center locations. Customers in any part of the world can simply schedule scans on the xstormlive platform via a browser, and xstormlive takes care of the rest, producing an automated security assessment report after each scan. Designed to enable network managers to run scheduled or on demand perimeter scans, the xstormlive service is licensed for an unlimited numbers of scans on a defined number of external IP addresses or web URLs visible from outside the network. This means that any remedial action can be retested to confirm that the solution has been successful without incurring additional costs.
Can you be certain you are not storing any payment card numbers on your internal systems?
Scan Using our secure internal scanning firebase appliance, we can conduct sweeps of your internal systems to identify and validate any instances of payment card data currently being held in internal file systems, employee and system mailboxes as well as critical internal databases. Analyze All findings from our scans are validated by one of our Technical Account Managers, helping you to save time and effort by allowing you to focus on removing genuine instances of payment card data. Report Our comprehensive reports allow you to quickly and accurately identify files and locations within your internal systems that contain payment card data, assisting you with creating effective remediation plans.