Frequently Asked Questions
What’s the difference between a vulnerability assessment and a pentest?
There is a lot of confusion here with most companies out there selling vulnerability assessments as a pentest. A vulnerability assessment in summary is a snapshot of your current security status showing open ports and vulnerabilities in applications that can be exploited. A pentest should only be conducted once you believe your network or assets are secure after vigorous testing with vulnerability assessments and hardening. A pentest is the actual exploit of your asset, be an application or database as an example. A vulnerability assessment will provide you with a report showing what your current state and known vulnerabilities are. A pentest will provide you with a copy of your client database as an example.
What is the difference between a vulnerability assessment and Live vulnerability management?
Vulnerability Assessment is a snapshot in time, the day after it is outdated. Vulnerability management with our agent is live monitoring which provides a constantly updating assessment of your security.
Do you provide discounts for large deployments?
Yes, we do, with larger networks there are savings for us and we pass those on. So please contact us with your requirements.
It’s just doesn’t make sense to me, why should I bother?
That’s what we are here for. We know that you may not understand the information provided, that’s why we let you know what’s important and what isn’t and how to fix each vulnerability.
So why don’t you fix the issue on our assets?
In most cases, you will already have someone who looks after your computer, server or other devices and is familiar with your environment and in a better position to apply fixes. If you don’t, just contact us and let us know and we will have a trusted partner assist you.
Do I still need antivirus and a firewall if I have Damocles Security Live Vulnerability Management?
Yes, you do. We are here to enhance your security and let you know about vulnerabilities you may be exposed to. Anti-virus and firewalls are extremely important and should always be used.
I’ve got a firewall and antivirus program already, why do I need Damocles Security Live Vulnerability Management?
We get asked this question a lot, whilst these two questions sound similar, they are far different and actually work together to enhance your security and reduce risks. Clients who have this already are shocked when they see how many vulnerabilities are still present on their PC or server despite having what they believed to be the best antivirus program on the market. Whilst some of the programs hand pick a vulnerability to say “you were safe from this with us”, you are still opened to other threats that they just don’t have exposure to. Virus takes advantage of vulnerabilities in your environment, remove the vulnerability and you remove your exposure to that attack, this is common for WannaCry and Petya Ransomware attacks.
So who uses Damocles Security Live Vulnerability Management in general?
As an example, most large financial organizations are required for compliance to do this, others are required to have annual checks done. We believe everyone has the right to be protected so we have developed our service to cater to those who simply don’t have the budget to do this or don’t have the skill set, by offering enterprise-level products and services to everyone. Why is a small café less important than a large insurance company? The small café is generally the owner’s money at risk with ransomware for example, whilst a large insurance company is someone’s else’s money. Both are important and now both can be protected.