SolidStep is a high tech security analysis solution developed exclusivley by SSR and it's an comprehensive vulnerability scanning solution
which routinely performs security scans on important IT assets.
|HP · UX|
|Oracle Http Server|
|IBM HTTP Server|
It depends on the number of scan target. Please contact to head of sales for more details.
Please contact us to +82) 2-6959-0126,7 or email@example.com
Yes, It's possible. We provide customized scan based on customer's requirements.
Yes. It's available to check internal security policy/compliance.
Construction has two part, solution installing and scan target. It takes a day for 100 of solution installing. Scan item setting needs additional consultation.
Please see below for more details.
<CCE cs CVE difference>
CCE (SolidStep) CVE (Network Scanner) Definition Check consistently to fulfill law observance/internal policy Evaluate infrastructure's environment composition Manage/analysis vulnerability that attacker's point of view by unit of host/network Purpose Security reinforcement for monitoring/controlling by ensuring system's scurity setting Check if vulnerability exist on system that attacker's point of view Example According to account management policy, check security setting if the password has been set with more than 9 characters Approachable network check whether process is running on exposed vulnerability version Vulnerability Agent Vulnerability Creation : User
Measure : User
Vulnerability : Vender
Vulnerability : Vender
Advantage Match scan move with each company's security policy
Satisfy thanks to regulatory compliance reporting
Visulization ton security risk/compliance
Optimized report on security team's guideline
Simple running without additional preparation item
Support plenty of system
Disadvantage Need period for scan system construction(for agent distribution, etc.) Unable to scan system which is hard to approach network
Unable to check internal system such as account managing file authority check
Each company's security policy and scan move are discord
Hard to check compliance with domestic security regulation
No, we are only suggesting agent based scan but it's not required.
Yes, we can bring up the same result with existing scan method by supporting offline scan.
The overall scan time takes about 5minute regardless of amount. However, analyzing result can cover 300~500 per hour.
No It's not. Agent only delivers collected information to manager, manager covers result analyzing So it is not harmful to target system at all.
No, it's not. We are operating dozens of scan performance results stably.
Fundamentally, we ask 15% of retail purchase fee includes S/W and H/W repair, item update, version upgrade, etc.
Agent's license purchasing may be required by growing system. Replace manager(appliance)'s model is needed when exceed range of installed manager(solution)'s agent.
Consulting is not required. We provide improved result via knowledge information security consulting specialized company that has solution with lots of experience and know-how than exiting consulting by workers.
With Solidstep you can expect reducing at least 1/3 to 1/10 of cost. The difference is increasing if there's large scale of infrastructure or number of scan.