Vanguard offers a hybrid vulnerability management solution where automated scan results are reviewed by certified professionals for enhanced insights and more bespoke reporting.
So what's included?
What is it?
The security team will identify scanner findings that warrant further analysis, sometimes escalating the risk profile beyond what has been recommended by the scanner.
Why is it important?
The context of what's actually exposed, and what an attacker could do with it, can often be much worse than the scanner's default risk rating suggests. For example, exposed files or code can lead to credential disclosure and further access, forming an attack chain that justifies upgrading the risk from, e.g., 'Medium' to 'Critical'.
Where can I see the results of manual investigation?
The results of any further investigation will be communicated via an Advisory on the Issues page. On the right-hand side, you'll see a drawer with a description and remediation advice. Clicking the See evidence button will show you what the security team have submitted for your reference.
False positive reduction
What is it?
Intruder's security experts will look into occurrences that users have flagged as false positives. A manual investigation will be carried out to try to determine whether the occurrences are legitimate concerns; where possible, our experts will aim to cross-check findings against other security tools.
What are the benefits?
Scanners don't always get it right and can inadvertently cause misdirected security efforts – wasting your precious time.
An investigation by a security expert provides assurance that any findings have been reviewed by a second set of eyes, specifically those trained in this practice.
Where can I find issues marked as false positives?
Any findings deemed to be a false positive will be automatically snoozed by a member of the security team and a description provided for your reference.
You can keep track of any false positives in the snoozed section of the portal.