

Testimonials
"The Scanned Daily Hacker Free seal serves as an excellent reminder to our customers that at Rightslink we take information security seriously. Customers see the seal and are confident their information is safe with us."
Don Couture
Rightslink
rightslink.copyright.com

Xentinel Remote Security Auditing Process
Xentinel security auditing procedures can be defined as a 7-step process, as explained below.
- Port Scanning: The first phase of our security auditing is to find open UDP/TCP ports on the target host. Xentinel tests not only the most commonly used ports but the full range of available ports, that is 1-65535, both UDP and TCP. A full port-range scan takes longer than scanning only the common ports, but it ensures that unauthorized services such as Trojan horses and worms can be detected and identified by our scanner.
- Network Service Fingerprinting: The second phase is to identify which service is running on each open port detected in the first phase. Xentinel identifies services by fingerprinting, so our system can recognize, for example, an HTTP service running on a non-standard port like “321” and test it only for vulnerabilities that affect that service under the operating system that was also detected. This reduces scanning time and false positives, and it also reduces unnecessary bandwidth consumption that can overload your servers.
- Network Service Vulnerability Testing: The third phase is to test each fingerprinted service for all known vulnerabilities. Our vulnerability knowledge base includes more than 10,000 security checks, including tests for services that need to be updated, operating system configuration, unnecessary services running on your server that can open a door to new attacks, and unknown services running on your server, which are mostly Trojan horses or worms.
- Web Application Security Testing: The fourth phase crawls your web server, identifying every linked web page. Xentinel maintains information about all existing web pages hosted on your web server. As we scan your servers daily, we can detect any new page added to the website or web application and automatically include it in the scan. Daily web application tests include: a module for testing CGI vulnerabilities; a module that performs parameter manipulation on script files, looking for problems like Cross Site Scripting, SQL Injection, Code Execution, Directory Traversal, File Inclusion, Script Source Code Disclosure, CRLF Injection, Cross Frame Scripting and PHP Code Injection; a module for performing file checks (backup files, etc.); and a module for testing directories and files (directories that may expose sensitive information, etc.).
- Alerting: The service automatically alerts you via email when a new vulnerability is discovered in your system, when a port has changed its status, and when our HACKER RADAR™ technology issues a new alert due to direct hacker intrusion.
- HACKER RADAR™ Technology: Xentinel’s HACKER RADAR™ technology implements a real-time intrusion detection system built into our seal. It is capable of detecting Cross Site Scripting and SQL Injection attacks just by including our security seal in every page you want to protect. Once our seal is installed in your page, the query string passed to your web server is stored in the referrer variable of the web request and sent to our server, where it is analyzed on every request made to any web page wearing our seal. Xentinel compares the query string against our HACKER RADAR™ database, and if a suspicious string is found it issues an alert letting you know you are under attack.
- Continuous Monitoring: Automated scans are launched daily, mostly at the same hour every day, and small scans containing a few checks are launched any time a new vulnerability is added to our database, ensuring your website security is tested not only on a daily basis but also the minute you may become at risk.
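
The referrer check described under HACKER RADAR™ above, as an added Python example that is not Xentinel's code: it takes the Referer URL that accompanies a seal request, extracts the query string, and matches each decoded parameter against a small constructed signature set. The names `SIGNATURES`, `decode_fully` and `inspect_referer` and the `shop.example` URLs are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed signatures for illustration only; not Xentinel's database.
SIGNATURES = {
    "xss": re.compile(
        r"<\s*script\b|javascript\s*:|\bon(error|load|click|mouseover)\s*=", re.I),
    "sqli": re.compile(
        r"\bunion\b.+\bselect\b|'\s*(or|and)\s+[\w']+\s*=\s*[\w']+", re.I),
}

def decode_fully(value, max_rounds=3):
    """Undo nested percent-encoding (%253C -> %3C -> <), limited to a few rounds."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_referer(referer):
    """Return (parameter, category) pairs for suspicious values in a Referer URL."""
    findings = []
    # parse_qsl splits the query string and removes one layer of encoding.
    for name, raw in parse_qsl(urlsplit(referer).query, keep_blank_values=True):
        value = decode_fully(raw)
        for category, pattern in SIGNATURES.items():
            if pattern.search(value):
                findings.append((name, category))
    return findings

if __name__ == "__main__":
    # Constructed Referer values as a seal request might carry them.
    samples = [
        "https://shop.example/search?q=%3Cscript%3Ealert(1)%3C/script%3E",
        "https://shop.example/item?id=1%27%20OR%20%271%27%3D%271",
        "https://shop.example/search?q=%253Cscript%253E",           # double-encoded
        "https://shop.example/search?q=blue+union+jacket&page=2",   # benign
        "https://shop.example/",                                    # no query string
    ]
    for referer in samples:
        print(referer, "->", inspect_referer(referer) or "clean")
```

A browser applying the `strict-origin-when-cross-origin` referrer policy sends only the page's origin to a third-party host, so in that case the query string never reaches a check like this, and POST body parameters are never part of the Referer at all.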
Did You Know?
Xentinel stays ahead of hackers with cutting-edge techniques, including a team of
internet security experts whose job it is to try and come up with new ways to break
into our test servers.