An overview of McAfee Vulnerability Auditing Process
McAfee SECURE certification is achieved by passing rigorous daily network security audits. The certification process is completed in six steps. The first three steps are the vulnerability audit itself; comprised of Dynamic Port Scanning, Port-level Network Services Vulnerability Testing, and Web Application Vulnerability Testing. The fourth and fifth steps are alerts whenever vulnerabilities are detected and remediation management using our extensive vulnerability management portal. The result is highly effective, pro-active security.
- Step 1 - Port scan
- Interactive, dynamic port scans check all IP ports regardless of the complexity of your IT infrastructure
- Step 2 - Network Security Scan
- The service is determined for each port and a check performed as to which software is being used. A link is established with our database of security issues and specific tests are launched to detect vulnerabilities.
- Step 3 - Web Application Scan
- Hackers make use of the application layer in more than 70% of cases in order to gain access. This includes system configurations and programming errors including XSS and SQL injections.
- Step 4 - Alerting
- You will receive a message by e-mail alerting you to any security vulnerabilities found, which can be viewed in your personal dashboard.
- Step 5 - Analysis and Resolution
- The online dashboard details the vulnerabilities grouped by priority together with suggested solutions.
- Step 6 - McAfee SECURE-logo
- Based on the outcome of the scans, the McAfee SECURE logo is displayed including a date stamp.