ASSESSMENT & TESTING

Vulnerability Assessment

Supporting on-premise and cloud assets, Breadcrumb provides in-depth visibility into where your IT assets are vulnerable and how to protect them.

------ SERVICE OVERVIEW

Through automated and manual discovery processes, Breadcrumb will evaluate your technology assets for known security vulnerabilities and weaknesses. Discovering these, and mitigating them, is a pivotal step in measuring your prevention efforts and protecting your organization from today’s advanced threats.

Scanning with Six Sigma (99.99966%) accuracy, Breadcrumb systematically evaluates your IT assets – on-premises and in the cloud. In addition to appliance-based scanners, Breadcrumb leverages cloud agents, extending its network coverage to assets that can’t be scanned with traditional methods. The lightweight, all-purpose, self-updating agents reside on the assets they monitor – no scan windows, credentials, or firewall changes needed. Vulnerabilities are discovered faster, and network impact is minimal.

"Nearly two-thirds of all companies (65%) say that it is currently too difficult for them to decide correctly on the priority level of each software patch." - Ponemon Institute

Typical Assessment Categories

Vulnerability Assessment

Automated assessment of IP connected assets for known vulnerabilities/CVEs

Wireless Topology

Man-in-the-middle susceptibility, rogue AP detection, endpoint de-authentication

Active Directory Security

Credential disclosure, account control, in-depth crypto-review of all AD passwords)

Malware/AV Defenses

Signature evasion, DEP/ASLR exploitation, common hash detection

Network Protocols

Isolation of un-encrypted channels and unsecured network services

Boundary Probing

External probing, IPS evasion, isolation of attack surfaces and unfiltered ports, VPN interrogation
Breadcrumb proactively categorizes all discovered vulnerabilities, allowing for efficient remediation prioritization.

Zero Day

Vulnerabilities for which there is no vendor patch available and for which an active attack has been observed in the wild

Actively Attacked

Vulnerabilities that are being actively attacked in the wild

Easy Exploit

Vulnerabilities that can be exploited easily, requiring few skills and little knowledge

Denial of Service

Vulnerabilities whose payload could overload the compromised systems so that they become permanently or temporarily unavailable

Malware

Vulnerabilities associated with a malware infection

Public Exploit

Vulnerabilities whose exploit knowledge is well known, and for which exploit code exists and is publicly available

High Lateral Movement

Vulnerabilities that, if compromised, let the attacker propagate the attack broadly throughout the breached network

High Data Loss

Vulnerabilities whose exploit will yield massive data loss

No Patch

Vulnerabilities for which there isn’t a fix from the vendor

Exploit Kit

Vulnerabilities for which an exploit kit is available
Supporting all Major Platforms
"As a financial institution, data security is always a top priority. Breadcrumb’s insightful recommendations far exceeded our expectations. Having a trusted partner for all our cyber security needs has been invaluable.”
— Keith Hesterberg, CEO | Fresno Madera Farm Credit