Vulnerability Assessment Services

Vulnerability Management

The Vulnerability assessment and information service helps detect and manage internal and external vulnerabilities within your IT estate, helping you to manage your security risks, compliance and quality. The service is available as a single supplier framework agreement through Khipu Networks.

About the service

JISC procured the Vulnerability Assessment Service on behalf of the UK education and research sector, awarding a single supplier framework agreement with Khipu Networks. Following a rigorous OJEU competitive tender process, Khipu were selected to provide the following services:

  • Vulnerability assessment: Provides automated, predetermined security vulnerability assessments of your IT assets.
  • Vulnerability management: Produces reports which verify IT assets against new vulnerabilities and provide measurable information on improved IT security.
  • Vulnerability information: Keeps track of announcements, vulnerabilities and patches in your IT infrastructure.

Key features and benefits

 

Improved security

The service meets the highest security standards and is ISO9001 and ISO27001 certified. It helps your organisation to detect vulnerabilities such as Heartbleed and Shellshock.

Tailored service

The service is specifically tailored to meet the needs of the UK education and research sector and offers you the flexibility to scan your own networks and generate bespoke reports on known security vulnerabilities specific to your systems. These might include user owned devices and network enabled devices such as routers, printers, telephones and webcams.

Easy installation

This solution can be integrated into your organisation’s existing infrastructure easily, to significantly increase your broader security defences. Its service tools integrate well with other IT security functions and installations e.g. firewalls, ticket systems and SIEM.

Compliance

The service automatically verifies whether your IT security policies are followed and implemented through compliance and secure configuration modelling. By identifying and resolving vulnerabilities on your network, the service helps your organisation reduce the risk of information security breaches and associated costs.

Saved purchasing time

Jisc selected Khipu Networks following a rigorous OJEU competitive tender process, saving you time and money so you don’t have to undertake your own procurement exercise.

 

  • David Willcox, Head of Networks, Birkbeck University of London

    The implementation of Khipu’s Pro-Active Support Service ‘KARMA’ was straightforward and it highlighted potential problems the first weekend in operation, preventing a potential service outage. We welcome anything which improves our monitoring and notification capability, and KARMA has proved its worth a number of times since, while releasing staff from day to day monitoring and housekeeping tasks.

  • Head of Systems & Security, University of Nottingham

    Using Khipu’s remote registration solution, the student move-in period for 2012 was our most successful in-take to date. We had over 5,500 students remotely register to our service so that upon arrival, they simply connected to our network as if they were at home, with no impact to their experience or to our helpdesk service team.

Service packages

These services are combined into four different packages. The first three are provided as managed services and the fourth is a self-managed approach where Khipu Networks provide maintenance and support.

PCI-DSS scan

Scanning of named public-facing IP addresses for PCI compliance with self-assessment or PCI-DSS ASV Cert through a centrally hosted solution

External and URL scan

Scanning public-facing IP addresses and website URLS through a centrally hosted solution.

 

Internal scan

Scanning of internal assets through a deployed device/ sensor or tunnelled connection.

Supported appliance

Includes all other packages except PCI-DSS ASV using a deployed appliance supported by Khipu networks.

 

Get In Touch

To discuss which of these four packages will best meet your organisation’s requirements for vulnerability
assessment, management and information, contact Khipu now by email or call 0345 272 0900.

Contact Us