CBS IT Systems, to improve information security in your infrastructure, recommends the automatic search, recording and evaluation of vulnerabilities (Vulnerability Assessment) through specialized software (CVE scanner).

Microsoft recently announced indicative vulnerabilities (in the link here) specifically for the Exchange on-premise software (versions 2010, 2013, 2016, and 2019).

The entire Vulnerability Assessment (VA) process is applied to systems as well as network devices (IT/OT) of all kinds and is performed in the internal part of the infrastructure (logged-in scanning) so that maximum functionality is possible and the results also cover applications.

The software will perform the following on a specific list of IP Addresses, provided that full network access is available:

• Network mapping
• Infrastructure mapping of other information infrastructures such as Directory Services Infrastructure, Groupware / Mail Infrastructure, databases, etc.
• System mapping & OS & missing patch levels
• Application mapping & port lists on servers and user endpoints

Based on the above recordings, we will deliver a report with the vulnerabilities on each device (virtual or physical) as well as technical details on how to resolve them.

The service can be offered on a 6-monthly or annual basis so that periodic checks are performed with an updated database with newer attacks (CVEs) and improvements from previous checks are evaluated.

The security gaps or vulnerabilities that will be recorded (and individual upgrades as above for Exchange on-premise) can be resolved by Cosmos Business Systems’ team of certified engineers (with updates, upgrades, patches and security audits) and followed by an iterative VA for re-audit and final documentation.