RedCheck scans network hosts, centrally and/or locally, for vulnerabilities in operating systems, general purpose and specialized software. Both manual and automatic vulnerability audit options are available, being triggered by jobs preset in the management console. The scanning can use either always-on managed agents or an agentless technology. The checks compare the system parameters against vulnerability signatures kept in the open repository OVALdb and defined in SCAP format. Today, RedCheck database contains vulnerabilities of 1,000+ software programs:
- All Microsoft Windows editions (except Home Edition), starting from Windows XP / Windows Server 2003 and higher;
- Linux: Red Hat Enterprise Linux 3+, SUSE Linux Enterprise Desktop 10+,
SUSE Linux Enterprise Server 10+, Ubuntu 4.10+, Debian GNU/Linux 2.2+
Debian GNU/kFreeBSD 6.0+, Oracle Linux 5+, openSUSE 12.1+, CentOS Linux 2+, etc.;
- Office software and browsers: Microsoft Office, LibreOffice, Adobe Acrobat/Reader, Adobe Photoshop, 1С, WinRAR, WinZip, 7Zip, ACDSee, Crystal Ent, Microsoft Explorer/Edge, Google Chrome, Firefox, Opera and many others, with a total of 600+ programs;
- Frameworks, crypto libraries, plugins, etc.;
- DBMS: Microsoft SQL Server, Oracle Database, MySQL, PostgreSQL;
- Application and web servers: IIS, Apache, NGINX, .NET Framework, etc.;
- Virtualization software: Microsoft Hyper-V, VMware ESXi/vCenter, and Xen,
The vulnerability database is updated and enriched with new platform and product vulnerability definitions on a daily basis. All the security content used by RedCheck is synchronized with NVD (National Vulnerability Database) and automatically updated each time the program is started. The support of OVAL standard language allows users to download vulnerability definitions from third-party sources or develop custom definitions.
Database security audit
Database servers usually contain the most sensitive information, loss or disclosure of which may cause financial losses and regulatory sanctions. An effective tool for DBMS security management, RedCheck provides scan reports as unbiased and well-grounded documentary proof of regulatory and national standard compliance.
While searching for vulnerabilities and non-installed critical updates, the scanner can also check the settings of:
- Access management for database servers and network resources;
- Authentication and privileges;
- Data protection, cryptography, and encryption;
- Update control and installation;
- Event audit and logging;
- Backup and disaster recovery;
- Interaction with apps and users;
- Secure use of stored procedures;
- and much more.
The suggested configurations are based on vendor recommendations and developed to bring balance between DBMS functionality, performance, and security. SCAP-based compliance policies enable users to customize and expand configuration assessments without any assistance.
Detailed audit of virtualization platforms
Today’s hypervisors provide decent security, reliability and manageability but need to be taken care of as any physical desktop does. Virtual machines are also exposed to data loss/corruption, viruses and hacking and thus need antivirus protection, installation of updates, regular configuration and vulnerability monitoring, data backup and virtualization environment redundancy, compliance with setup and secure operation guidelines.
RedCheck is the best-of-breed solution for comprehensive audit of virtualization platforms, enabling:
- Vulnerability audit of virtualization environments and control centers;
- Update audit;
- Security parameter configuration audit;
- Inventory of virtual and physical appliances and software scope;
- Integrity control over hypervisor configuration files, mission-critical libraries, and data files.
The compliance policies are based on Security Hardening Guides and other best practices.
Thanks to integrity control function, RedCheck can detect and notify of any unauthorized modifications in configuration files, folders, registry branches, or critical data files, and can thus complement antiviruses in combating zero-day vulnerabilities, which are capable of replacing system files or adding their own files. When activated, the control mode checks master file integrity at preset intervals with follow-up notifications of even minor changes.
The scanner can block the file run in case of the integrity breach being detected in an executable file or utility library, thus making RedCheck an ideal choice for information systems, which are subject to stricter security requirements.