Wazuh and NMAP integration for Network Vulnerability Scans

SOCFortress
4 min read · Mar 22, 2023

Intro

Organizations are challenged by identifying assets across the enterprise and defining processes related to:

  • Identifying present vulnerabilities that might compromise those assets.
  • Classifying all detected vulnerabilities according to their severity and impact.
  • Evaluating the likelihood of existing vulnerabilities being exploited by external and/or internal actors.
  • Implementing vulnerability management processes.
  • Integrating vulnerability management in risk assessment.

The EDR solution as implemented by SOCFortress includes a vulnerability scan module that gathers the agent’s operating system and installed software and checks the collected information against the NIST CVE Database.

With the NMAP integration described in this brochure, the vulnerability detection capabilities in SOCFortress’ service portfolio are extended to network devices and any other IT assets in an organization where the EDR agent can’t be installed.

Vulnerability Management and NIST 800–53 Security Controls

Wazuh and NMAP for Ports Scans
