Security teams rely on vulnerability scanners to proactively locate vulnerabilities in network
devices, hosts, and applications. These tools help improve the overall security posture of the
network by remediating exposure before bad actors have an opportunity to exploit it.
Although incredibly helpful, the data delivered by these tools is often overwhelming and not
presented in an actionable manner.
Forward Exposure Analysis helps security teams prioritize vulnerability remediation by combining the host vulnerability data provided by vulnerability scanners like Rapid7 InsightVM or Tenable Security Center with Forward Networks' modeling capabilities. By integrating with these popular tools, Forward Networks empowers security teams to identify in seconds any impacted hosts with critical vulnerabilities that can be accessed from the Internet or any other critical exposure point.
The Forward Enterprise platform helps make sense of the extensive data provided by vulnerability scanners by categorizing the data into three segments: Exposure Points, Overview, and Vulnerability Report. The Exposure Points default to the internet, but users can add additional exposure points like VPN connections. The Overview provides a high-level analysis that makes it easy to identify the number of vulnerable hosts and whether those hosts are modeled by Forward Enterprise. The Vulnerability report is perhaps the most valuable, detailing every vulnerable host that is exposed. Exposed host reporting includes:
- Vulnerable services
- Risk score assigned by the vulnerability scanner
- Number of critical vulnerabilities
- Reachable services from the exposure point, including Layer4 and Layer7 details
- Blast radius analysis for this host
To see the Exposure Analysis feature in action please watch a short video: