VMP FAQ

A list of the most frequently asked questions about VMP.

FAQ

Q. What services are offered as part of the VMP service?

A. Pondurance provides monthly vulnerability scans of devices connected to the internet (External Vulnerability Scan) as well as quarterly vulnerability scans of your organization’s internal network (Internal Vulnerability Scan). We also provide information related to recently reported vulnerabilities to software and hardware running in your environment through a customized Weekly Threat Report.

Q. How are vulnerability scan results reported?

A. There are two options – you can choose to receive results delivered to you in an Excel file, or you can elect to have results uploaded to an online portal hosted by one of our partners, Kenna Security. The file-based results show all vulnerabilities identified over the prior two scans, while the online option offers more versatility – allowing you to sort and track vulnerabilities over the lifetime of your VMP service.

Q. What special equipment is required for vulnerability scanning?

A. For external scans, Pondurance hosts a scanner at its data center, so all you will need to do is provide us with a list of IP addresses and domains that you would like scanned. For the internal network, we will ask you to stand up a virtual machine that hosts the scanner, and connects back to Pondurance securely over a VPN. We also will need a list of subnets to scan, along with your preferred window for automated scanning activity.