Service Agreement - Digital Defense Incorporated - Frontline Advanced Self-Directed Scanning

Home Browse Search

Frontline Advanced m - Self Directed Scanning Overview The Frontline Advanced subscription provides host discovery and/or vulnerability scans on external and/or internal IP-based systems and networks. Our technology employs a variety of scanning techniques to survey the security posture of the target IP-based systems and networks. These scans proactively test for known vulnerabilities and the existence of mainstream industry best practice security configurations. External scanning addresses all Internet -facing assets such as routers, firewalls, web servers, and e-mail servers for potential security weaknesses, checking for the "open doors" that could allow a hacker to gain unauthorized access to the network and exploit critical assets. Internal scanning addresses all internal assets such as workstations, intranet servers, and printers for Trojans, improper configurations, peer -to -peer (PTP) file sharing programs, and more. In addition to both executive and detailed technical reports, the Frontline Advanced subscription provides scan data management, host -based risk assignments, and remediation resources such as CVE data, Microsoft Security Bulletins and others and progress reporting. Scope The Frontline Advanced subscription provides each client who contracts for the service with scanning and scan data management of client -designated IP addresses for the term of the agreement. The service is available to all client -designated employees as well as contractors that support the client's information security program initiatives. Deliverables The Frontline Advanced subscription provides access to the secure Frontline Vulnerability ManagerTM (Frontline VM) platform which enables clients to perform the following key service functions: • Scan Configuration & Scheduling Clients can configure scans to run against a single IP address and/or a range of IP addresses. Clients can schedule scans to run on an ad hoc or recurring basis per contracted frequency. • Scan Results Management Clients can review the results of their assessment scans within the Frontline VM Scan Activity View. Additionally, clients can add comments or notes about detected devices to improve management oversight and audit reporting. Scan results include detailed information about devices found within target IP address ranges. The scan provides a great deal of information including a profile of each detected device, information on the vulnerabilities detected on the device, and detailed vulnerability remediation steps including P party reference links. Clients can view aggregate scan results and manage and track the progress of remediation efforts with Frontline VM Active View. Active View maintains accurate, holistic views of the computing devices connected to a client's network across scans with a powerful patented advanced network endpoint correlation functionality, Frontline DNATM. Aggregate scan results can be filtered and sorted and partitioned or segmented to better manage results across the client organization (e.g. client, region, statewide, nationwide etc.). Clients can also add comments or notes about reconciled devices in the Active View to improve management oversight and audit reporting. iigitaI lip r'is��, I11r.'°MOC I('oro 1)rw, `,nk J00, !"1ri AritnrI a In /8) Tall I rr 888 /3 111 .