Internal Vulnerability Assessment
Internal Vulnerability Assessment (IVA), available to Arctic Wolf® Managed Risk customers, provides continuous or scheduled scans of your internal network to detect vulnerabilities, helping to improve your security posture.
Identification and insights into detected vulnerabilities are available in the Managed Risk Dashboard. Reviewing these findings with your Concierge Security® Team (CST) team helps you quantify internal risks and build risk management plans based on severity and classification.
Features
IVA includes these features to increase the security posture for your organization:
- Inventory and categorize assets.
- Identify authorized and unauthorized devices.
- Perform brute force scanning checks for default, known, or common usernames and passwords.
- Find critical vulnerabilities that could be exploited by attackers.
- Improve detection quality using credentialed scans.
- Identify, monitor, and acknowledge risks in the Risk Dashboard, allowing for informed decision-making and risk management.
- Configure IVA scanners, configure and schedule scans, and view the health of your IVA scanners in the Arctic Wolf Unified Portal.
Scan targets
These configurable targets are used in IVA:
-
IP address (X.X.X.X)
-
IP address range (X.X.X.X - X.X.X.X)
-
CIDR (X.X.X.X/Y)
IVA operations
IVA scans start by utilizing a host identification scan which searches for a limited set of frequently used open ports, as well as various other network protocols, to identify ip addresses for deeper vulnerability scanning. If Arctic Wolf receives any port response in the initial scan, the IP address is added to a list of scan targets for deeper scanning.
IVA scans use Nessus Attack Scripting Language (NASL) vulnerability definitions that are updated every four hours.
For more information about IVA operations, see Scanner Config page.