Lywand thoroughly checks systems such as web servers, VPN gateways, mail servers and web applications for security holes and potential entry points from the perspective of a possible attacker. We also check if stolen company data might be floating around the dark web.
We've set up a scan cluster with a broad base. For this, we use in-house scanners and also rely on tried-and-tested open-source tools. In the background, there's a database with more than 150,000 vulnerabilities.
Known security vulnerabilities: An up-to-date CVE vulnerability database helps quickly spot new security gaps.
Configuration and encryption: "Best practice" standards are checked, and any deviation gets reported as a vulnerability.
Web security: Web applications are checked against the OWASP Top 10 security risks.
Password leaks: We've got a connection to the HIBP database to spot data leaks.
Checks of the external infrastructure usually run automatically every month. You can change the interval at any time in the customer's infrastructure. It's also always possible to trigger an external check manually on the platform if needed.
The duration of the security check varies with the size of the scope. For a small or medium infrastructure, the check takes about 1-3 hours; for a large infrastructure, it can require several hours.
As soon as the security check is done, you’ll get an automatic notification via email.
With the internal security check, we distinguish between internal Agent Checks and internal Network Checks.
Internal endpoints such as client or server systems are checked by our specially developed lywand Agent. It's installed on compatible Windows devices and checks the system for known vulnerabilities (CVEs), best-practice configurations, and current patch status.
To cover as much ground as possible, we also check some basic security mechanisms like the firewall status, current antivirus software, or the use of Office macros. The results of the check are updated daily in the platform.
Additionally, we offer an internal network check. This checks devices found in the network for security gaps, even if there's no agent installed on them. This way, you can include devices like Linux servers or printers in the security check-up too.
System hardening
Known security vulnerabilities (CVE)
Here you can find a detailed list of the products we check.
The first check happens right after the agent gets installed on the device. After that, each device gets checked automatically every day. Users don't have to do anything for this.
As soon as the agent is installed on a device, the first check starts. Depending on how much software is present, it can take from about an hour to several hours until the results show up on the platform.
On end devices, all local users are read out by the system. Domain users can only be identified if the agent is installed on the domain controller.
Known security vulnerabilities (CVE)
Configuration and encryption
System hardening
The frequency of checks for the internal infrastructure can be configured by the user in the platform. You can choose between weekly, monthly, or quarterly security checks. It's also possible at any time to manually trigger an internal network check in the platform whenever needed.
An internal network check can take several hours depending on the size of the network and the number of devices. Once the check is complete, the results will be updated on the platform.