- +49 7131 618 718-0
- info@cloudcape.de
- Mo - Fr: 09:00 - 18:00
Vulnerability Management as-a-Service from the cloud
Digital transformation brings great opportunities to your business, but at the same time increases the complexity and vulnerability of your IT. As the person responsible for IT security, you need an all-in-one solution for vulnerability management and compliance.
Cloud Cape centrally monitors all your IT assets from the cloud. We bring you to the most advanced cloud platform for IT security and compliance and put together an always-on security program to meet your security needs.
Overview of Services
Whether on-premise, endpoints or your workloads in the public cloud, we bring it all together for you in the Qualys Cloud Platform and give you complete visibility of your network. You always know what your IT security and compliance status are. In addition to Vulnerability Management, you can choose from a wide range of other services:
IT Security
Vulnerability Management
Continuous vulnerability scannning according to the principle "detect and remediate"
Continous Monitoring
Real-time notifications whenever unusual network activities occur
Patch management
Efficient import of security updates through automated reconciliation
Compliance
Policy Compliance
Define compliance standards, determine non-compliance and eliminate it immediately
PCI DSS Compliance
Scans that guide you to compliance and reports that serve as evidence
Cloud & Web Apps
Cloud Inventory
We discover and inventory all your assets in the public cloud, whether AWS, Azure or GCP
Cloud Security Assesment
Monitoring for misconfigurations and non-standard deployments
Web Application Scanning
Leading vulnerability detection for web applications
Vulnerability Management
The core of our offer is comprehensive Vulnerability Management which we perform for you as a Managed Security Service. Our solution covers the entire cycle of professional vulnerability management.
1. Discover
2. Prioritise
3. Scan
4. Report
5. Remediate
6. Validate
7. Repeat
1. Discover
We inventory all IT assets across the network and identify host details, including operating system and open services. We can capture assets from both the Internet and the inside of your network. We use a variety of technologies such as discovery scanners, agents and sensors to find both on-premise assets and assets in cloud environments. This phase is essential because you can only protect what you have in sight. So in this step we create a starting point for all further measures. We identify changes in your network according to a regular, automated schedule.
2. Prioritise
We categorize your assets into different asset groups, assign them to business units, and assign them a business value based on their critical importance to your business operations. This is where we take the time to gain a comprehensive understanding of your IT. The goal of this phase is to identify optimal targets for subsequent vulnerability scans.
3. Scan
The actual vulnerability scans take place in this phase. The data collected on the host assets during the scanning process is transferred securely and encrypted to the Qualys cloud platform. With the Qualys Security Operations Centre, you have access to the world’s leading and most up-to-date vulnerability knowledge database. This automatically includes compliance with industry standards such as CVE (Common Vulnerabilities
and Exposures) or the ICAT Metabase.
4. Report
In this phase we process raw scan results for you. The aim is to cater to the most important interest groups according to their information needs. It is very important to us that you actually get into action with our reports. Only reports that are implemented are of value. Therefore, all our packages include a monthly service call with a Cloud Cape Security Consultant.
5. Remediate
With our reports, you have an informative, prioritized guide to vulnerability remediation. An Open XML programming interface even allows integration with third-party patch management software.
6. Validate
In this step, we validate the remediation measures with a re-scan and determine whether the vulnerabilities have been effectively addressed.
7. Repeat
Vulnerability management is a cyclic process. Your network is constantly changing. New assets are added, new vulnerabilities become known, new patches are available and so on. As a result, we repeat the process described to provide you with continuous security.
Benefits
Proactive vulnerability management as an integral component of your IT security
Perfect Configuration
Our Vulnerability Scanning Team configures and operates leading scanning tools according to your security needs
Patch management
Efficient import of security updates through automated reconciliation
No Training required
We perform the scans periodically for you. Your team does not need any training and can focus on strategic issues.
Cost Benefits
No need to deploy your own vulnerability management resources or to worry about hardware and software upgrades
Reporting
We handle target group-oriented reporting for you and create a remediation plan for your team
Cloud Expertise
You get transparency of your workloads in the cloud. Cross-platform with all major providers.
PCI DSS Compliance
Our Managed Vulnerability Scanning Service fully complies with PCI DSS requirements
Packages & Prices
Our Vulnerability Management as-a-Service (VMaaS) tailored to your requirements
Small
Our vulnerability scanning service from the cloud for smaller businesses
from 875
€*
per month
-
Scanning of 50 internal IP addresses
-
Scanning of 16 external IP addresses
-
Monthly reporting + 1h service call
-
Web Application Scanning
-
Cloud integration (AWS, Azure, GCP)
-
Policy compliance
-
PCI DSS Reports
Medium
Our vulnerability scanning service from the cloud for medium-sized businesses
from 1850
€*
per month
-
Scaning of 100 internal IP addresses
-
Scaning of 32 external IP addresses
-
Monthly reporting + 1h service call
-
Web Application Scanning
-
Cloud integration (AWS, Azure, GCP)
-
Policy compliance
-
PCI DSS Reports
Request quote now
* plus VAT
Large
Our vulnerability scanning service from the cloud for large businesses
from 2850
€*
per month
-
Scanning of up to 200 internal IPs
-
Scanning of up to 32 external IPs
-
Monthly reporting + 2h service call
-
Web Application Scanning
-
Cloud integration (AWS, Azure, GCP)
-
Policy compliance
-
PCI DSS Reports
Request sample reports
Get sample copies of our scan reports directly into your e-mail inbox. This will give you a good first impression of our Vulnerability Management as-a-Service offer. We create individual reports according to target group and information needs. This includes the following reports:
- Global IT Asset Overview
- Vulnerability Scanning Report
- Web Application Scanning Report
- PCI Compliance Report
- Policy Compliance Report
FAQ
Do you have any questions about our Vulnerability Management as-a-Service offer?
Our Vulnerability Management as-a-Service offering is proactive, unlike most traditional IT security solutions. The time window in which unresolved vulnerabilities are actually exploited is getting smaller from year to year. We therefore recommend continuous vulnerability management as a valuable addition to your existing security program.
Vulnerability Management as-a-Service is suitable for security-conscious companies of various sizes and industries. While large corporations often have the technical and financial resources to operate professional vulnerability management in-house, our offer is the much more practical alternative for smaller and medium-sized companies. Thanks to state-of-the-art cloud technologies, we provide small and medium-sized enterprises with a level of security that can be compared to the enterprise level.
We offer you short contract terms and our scanning service adapts flexibly to your needs. You can switch between our packages at any time and have a dedicated account manager. In addition to vulnerability management, you can choose from a variety of other services.
Penetration tests provide you with a comprehensive assessment of your IT security measures. However, this is always just a snapshot. Within one year there are countless changes in your IT landscape. Both services in combination guarantee that you are permanently able to maintain a adequate level of security.
The IT security experts at Cloud Cape configure all vulnerability scans so that no disruptions are to be expected. Especially for initial scans, we choose low intensity scanning, measure the impact and then increase the intensity if necessary.
No. You do not need to purchase any hardware or software. Even for the scans of internal IP addresses physical scanners are not required. Instead, you can quickly add a virtual vulnerability scanner to your network.