RapidFire Tools VulScan
Vulnerability management for IT pros
How it Works
VulScan by RapidFire Tools is a stand-alone internal and external scanning solution that can be integrated with other tools. It consists of a web-based client site management portal and licenses to set up one or more virtual network scanners at each site using our software and Hyper-V or VMWare.
Scanner Appliances / Data Collectors
- VulScan has no limitation on the number of scanners you can use. If you have a number of remote branches, a large network, or a distributed network, you can have as many data collectors as necessary at no extra charge. Setting up new scanning appliances is a snap.
VulScan PVS: The Optional Portable Scanner Add-On
- MSPs can use VulScan PVS to perform ad-hoc vulnerability scans for prospecting and as part of one-time paid security assessments. Internal IT Pros can use VulScan PVS to perform vulnerability scanning for temporary offices, and for ad hoc scans after major network changes.
- Sometimes, there are circumstances that call for an ad hoc or one-time vulnerability assessment when you wouldn’t want to permanently install a scanning appliance on the network. That’s where the VulScan PVS add-on subscription comes in. With it, you can create a physical appliance to perform network vulnerability scans on multiple networks without consuming VulScan permanent site licenses.
Access your Clients’ Vulnerabilities Anywhere at Anytime
- Vulnerabilities can develop at any given time to any given client, and when they crop up you want to know! VulScan automatically performs regular vulnerability scans at each client site according to the intervals you set up. When each scan is complete, you’ll be notified by email with a summary of what’s been discovered. If you see anything that needs immediate attention, you can access the web-based client dashboard from any device, from anywhere, at any time. You can access all your client sites through a single dashboard and drill down into all the details. Easily set up and manage all your data collector/scanners from the same place. The graphical interface is easy to use and lets you quickly identify and sort issues. You can also view your clients’ trends over time.
Email Alerts Let you Know of Issues Immediately
- Once a scan is complete, VulScan generates an email alert to everyone on your notification list — including your ticketing system, if desired. You have the option of having a comprehensive alert sent out with all the details of everything discovered, or a summary alert which is filtered by issue or device.
Scan & Notification Options
- Not all IT environments and security requirements are the same, which is why VulScan lets you pre-set the type of vulnerability scan you want to run for each appliance.
- A comprehensive scan, which hits every single port on every device in your selected IP range, looks for vulnerabilities, and attempted brute force log-ins.
- A standard scan, significantly expands ports scanned and includes brute force log-in attempts.
- A fast, low-impact scan that checks all standard port ranges and excludes brute force log-in attempts.
- Select an appliance to execute the scan, whether a single scanner covering an entire site, or one of several you have monitoring a site. Then decide what level of scan to run:
False Positive Management
- Nothing is more disruptive to vulnerability management than the “noise” created by false positives — situations you are aware of and don’t need or want those specific notifications. VulScan includes a powerful yet easy-to-use rules engine that ignores specific vulnerabilities you’re already aware of. Apply the rule to a specific OID or device or any combination. Select a specific start and stop date, if desired. For example, you have plans to patch out a vulnerability, so you can set a time limit and when the time limit expires, the issue will again show in your alerts.
Automatic Service Ticket Creation
- You can connect your PSA to each site, allowing Vulnerability Scanner to send the alert data to ConnectWise, Autotask, BMS, Tigerpaw, or any ticketing system with an email parser.
VulScan - Uses For MSPs and Internal IT
VulScan goes beyond basic vulnerability scanning. It helps MSPs develop new revenue streams, and helps internal IT professionals improve security without breaking the budget.
- Create revenue opportunities and/or justify your IT spend by adding vulnerability scanning to your IT security routine.
- Differentiate yourself from your peers and competitors by offering enhanced cyber security services when others don’t.
- Stay “front and center” with your network security program by providing monthly updates to your clients or executive team.
Add Value While Generating Revenue Or Cutting Cost
- MSPs and companies that do their own IT both need to perform regular vulnerability scans to protect their networks. MSPs are challenged because most of their clients don’t want to pay for it. Internal IT pros face the same obstacles when attempting to get huge, ongoing line-item budget approvals from corporate finance. VulScan by RapidFire Tools solves these problems. It’s priced so you can deploy a scanner on lots of small or large networks at one low monthly cost. The built-in automation and false-positive management tools keep the labor cost of running scans low enough to perform regularly scheduled basic vulnerability scans.
Leverage Vulnerability Scanning to Identify the Need for Additional Programs
- Modifying security policies, architecture, or other documentation to ensure security practices include timely system updates and upgrades.
- Assigning a staff member to monitor vulnerability alerts and initiate appropriate system changes.
- Improving configuration management programs and procedures to ensure systems are upgraded routinely.
- Deploying mitigating measures (technical or procedural) if the system cannot be immediately patched (e.g., an operating system upgrade will make the application running on top of the OS inoperable), in order to minimize the probability of this system being compromised.
- Use the trend data to explain to clients or the exec team that regular vulnerability scans are identifying ongoing and/or persistent vulnerabilities that need to be corrected. Use that data as leverage to further increase spending in other areas, such as:
- Running vulnerability scans is the easy and inexpensive part. But what about the high cost of correcting the deficiencies you discover? If you stay on top of things, VulScan’s trend reporting will show you where you need to make systemic adjustments to harden your network and make you a tougher target for cyber criminals.
Generate Vulnerability Assessment Reports with Network Detective Pro
- Each time you run a scan, the data automatically and seamlessly becomes available to Network Detective Pro, which can turn the data into meaningful reports you can share with your management team or client stakeholders. The reports are professionally designed and can be branded with your information, colors, and logo. In addition to full detail reports which you can save and archive as evidence of compliance to a wide range of IT security standards — Network Detective Pro will also generate an easy-to-read summary report highlighting critical issues you’ve addressed.
Vulnerability Management-as-a-Service (V-MaaS)
If you’re an MSP or MSSP, VulScan’s unique licensing model puts you in position to start offering Vulnerability Management as a service with recurring revenue. Every client is exposed to cyber threats, regardless of size. We’ve done the hard work to define a portfolio of profitable vulnerability management services that are scaled and priced to meet the needs of every client, from micro-businesses all the way up to corporate giants.