Manage business-critical vulnerabilities
F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify and manage both internal and external threats, report risks, and be compliant with current and future regulations (such as PCI and GDPR compliance). It gives you visibility into shadow IT - to map your full attack surface and respond to critical vulnerabilities associated with cyber threats.
Vulnerability scanning and management in a single solution
Assess vulnerabilities accurately
New assets and applications added to corporate networks internally – and to the global Internet via partners and service providers – entail new business-critical vulnerabilities that present an open door to cyber attackers. They call for heightened vigilance and compliance, yet firms still fail to take security seriously enough.
Information security managers need to be able to approach vulnerability assessment from several perspectives in order to get an accurate assessment of risks, minimize security threats, and maintain compliance. Properly executed vulnerability management improves your insight on your organization's security posture.
The best threat response is to predict and map your cyber security threats. No other technology does that better than vulnerability management.
Identify and expose the possible threats
Unlike any other vulnerability management solution on the market today, F-Secure Radar features web crawling technology, called Internet Asset Discovery, that also covers the deep web. With this, you can fulfil a wide variety of tasks ranging from threat assessment to business intelligence. In other words, Radar allows you to easily browse through all targets to quickly identify risks and potentially vulnerable connections, and to expand the possible attack surface beyond your own network.
Successful intellectual property and brands often make companies the target for fraudulent or malicious activities. Such activities include brand violation where third parties pose as your company, phishing sites intended to scam or infect visitors, and typosquatting – where someone registers domains using words similar to your brand to redirect traffic using links that look like yours. Many companies have little to no awareness of these sorts of activities.
"F-Secure Radar is deeply ingrained in the backbone of our service operation and security automation activities. It's a key surveillance component in a combination of commercial and proprietary solutions that we use to create value and maintain business continuity for our customers"
Jari Jolula
Team Manager, Project Management, Solita Oy
"We provide extensive compliance consultations for our customers in relation to a variety of issues, the GDPR being a prime example. F-Secure Radar is a core component of our service, and helps us provide accurate and concise answers for our clients' questions."
Boris Parat
IT Security Engineer, Manhattan SA
Radar vulnerability management
- COMPREHENSIVE VISIBILITY Effective security mapping through precise discovery and mapping of all assets, systems, and applications on the network and beyond.
- STREAMLINED PRODUCTIVITY AND SECURITY MANAGEMENT No more inefficiency and missed security risks. Quickly address problems across multiple domains with an efficient service workflow, including vulnerability monitoring, automated scheduled scans, and ticketing for prioritized remediation and verification.
- REPORTING ON RISK Produce reports with credible information about your organization's security posture over time. Show and justify how IT security enables business continuity.
- REDUCED COSTS Vulnerability management is an opportunity to significantly lower the cost of security. It's less costly to deal with security before serious problems arise than it is to deal with it during a crisis or incident recovery. Additionally, leveraging Radar's cloud resources allows organizations to lower their expenses.
What is your attack surface?
An organization's attack surface is the sum of its IT risk exposure. It crosses all network infrastructure, software, and web applications internally and in the global Internet, and includes an understanding of all points of interaction.
F-Secure Radar identifies where your organization's assets are vulnerable, allowing you to minimize your attack surface to reduce risk.
With F-Secure Radar, your IT security team maps your organization's attack surface in the aggregate of:
- All known, unknown, and potential vulnerabilities critical to business
- Controls across all software, hardware, firmware, and networks
- Shadow IT, external misconfigured systems, malware websites, website-linked hosts
- Partner and contractor security entropy
- Brand infringements and phishing
ADVERSARIES DON'T NEED MULTIPLE VULNERABILITIES – ONE IS ENOUGH
- Vulnerabilities and their exploitation are still the root cause of most breaches
- The exploitation of known, but unmitigated vulnerabilities is the primary method of compromise
- Rapidly changing, complex business IT environments lead to a broad attack surface
Leave it to us - Radar as a managed service
Struggling with growth? Do you currently lack the time, headcount, or resources to effectively manage vulnerabilities? Focus on your business, and outsource vulnerability management to the security experts. F-Secure Radar as a managed service is a cost-efficient service tailored to your needs. We and our selected, dedicated partners can help remediate any situation when your organization is suffering from resource or information gaps.
Radar is not just software, but a mix of advanced technology and security experts' input on vulnerability management. Our analysts work 24/7 across the globe to protect you from the latest threats.
NO SURPRISE COSTS - YET SCALABLE
Know your investments with clear pricing and no surprise costs. Radar scales from SME to enterprise level according to your needs.
DETAILS
Simple on the surface, supercharged under the hood
- Centralized, uniform vulnerability reporting
- Customizable reports in a variety of formats
- Vulnerability management and ticketing
- API interface for 3rd party integration (e.g. ServiceNow)
- Capability of adding manually identified vulnerabilities
- Scheduling of scans, and notifications when new hosts and vulnerabilities are detected
Map your attack surface
Identify assets for security vulnerabilities scanning and monitor network changes.
- A fast, reliable, asynchronous port scanner
- Fast host discovery mode for internal networks
- Supports service and OS detection
- Adjusts scan speed to suit network capacity
Identify known vulnerabilities
Identify security vulnerabilities associated with configuration errors, improper patch management, implementation oversights and more.
- Identifies all known vulnerabilities
- Scans any network device that talks IP
- Supports Windows and Linux authenticated scanning
- Delivers high accuracy, with low false positives and negatives
- Stays up to date based on public vulnerability databases as well as vulnerabilities—including zero-day threats—discovered during F-Secure penetration testing
Test for web application vulnerabilities
- Scan and detect security vulnerabilities within commercial and custom-built web applications. Test for numerous vulnerabilities, including the OWASP Top 10.
- A web application scanner that can identify vulnerabilities within custom applications
- Supports form-based authentication
- Supports web application crawling
- Supports assisted crawling and submission of forms
- Scalable to allow a limitless number of web application scans
Discover external, vulnerable, or misconfigured systems
- Detect orphaned or shadow systems (shadow IT) and identify potential risk concentration and unintended interdependencies
- Detect malware-infected websites
- Monitor phishing and brand infringements to protect your brand and intellectual properties against fraudulent or malicious activities
- Audit your service providers' security practices, in cases where your own security policies differ from those of a partner
Ensure compliance with current and future regulations
- F-Secure is qualified as a Payment Card Industry's Approved Scanning Vendor (PCI ASV)
- F-Secure Radar is compliant with PCI ASV vulnerability scanning requirements
- Prepare for PCI compliance by running pre-validation scan
- EU-based partner that complies with EU regulations
- Carry out regular testing and identify new vulnerabilities
- Generate user-friendly reports for all users