Security & Anti-Fraud

Data Vulnerability Assessment

A full package that assess your vulnerabilities enabling you to focus on your core business.

The context

In an increasingly complex environment – both in terms of technical equipment exploitation and increasing threats – managing and controlling vulnerabilities are key success factors.

In 2016, for example, an estimated 78% of business compromises were based on the exploitation of known vulnerabilities.
Knowledge of the level of protection of the company’s infrastructure has therefore become a core element of the CISO’s concerns. This issue presents a double challenge:  

  • Securing applications and infrastructures
  • Assessment by relevant indicators of the evolution of the overall level of protection of the company
data-vulnerability

Alternative

Recurring pentest campaigns are one of the solutions envisaged to detect vulnerabilities affecting infrastructures and applications. However, whether these intrusion tests are carried out by in-house teams or external service providers, the cost of this approach remains a deterrent to its systematic adoption. Pentest can be used for advanced analysis but it is not recommended as recurring method.

Did you know?
Companies found that in the vast majority of cases (92%), attacks against them were not the result of the exploitation of a 0 day but of unpatched vulnerabilities, often which had been published for more than 6 months (as this was the case with WanaCry and Petya / NotPetya ransom software).
Being protected against such attacks is now a MUST for operators, ISPs or Content providers.

The pragmatic solution
Automatic vulnerability scanning solutions enable recurring and frequent updating of the most critical and often exploited vulnerabilities present on a client’s network and applications.

This automated approach makes it possible to optimise the level of detection and the frequency of diagnostics performed with regard to a financial investment that remains acceptable.

Our Data Vulnerability Assessment offer of Orange International Carriers

Data Vulnerability Assessment enables you to detect, quantify and prioritise vulnerabilities in a system (an IP address or a website). Based on an easily deployable SaaS solution, it scans the selected systems on a regular basis and delivers expert reports allowing you to consider remedial action or additional analysis studies.

This managed solution offers, as an option, reports of several levels of depth in the technical analysis of vulnerabilities and global indicators of the state of the park. Therefore, it addresses not only technical players (management, operations…) but also experts. It takes into account the criticality of applications and infrastructures to provide you the most effective recommendations (prioritisation, analysis, solution).

 

Offer key points

Assess the level of protection and to detect the vulnerabilities present on your information system in a recurring way

Provide global indicators tailor-made by the our experts to enable your CISO and your management to follow the evolution of the level of security of your assets

To delegate the administration, configuration and implementation of the vulnerability scan solution our  expert teams thanks to our managed service solution.

Peace of mind

Thanks to its strong experience on cyber security, we brings you a peace of mind :

  • The partnership with Qualys, the recognised world leader in Vulnerability Assessment
  • Our offer protects ISPs and critical web sites of the French government

 

Reporting Options

In order to contextualise the analysis of vulnerabilities, recommendations and global indicators allowing patch management monitoring, we chose to propose 3 types of reports tailored to the customer needs:

  • A monthly managerial synthesis, providing the CISO and its management with global indicators on the state of security of the equipment of its fleet and its evolution over time,
  • A monthly technical report, integrating context and clarity into the analysis and solutions for the main vulnerabilities detected,
  • A quarterly recommendation report, describing a complete remediation plan adapted to the Client context for the 10 most critical vulnerabilities.

Here below are some examples of reports:

managerial-synthesis

Managerial synthesis

technical-report

Technical report

recommendation-report_imagelarge

Recommendation Report

Reseller Option

If you are an operator or an ISP, but also a reseller on your local market, our Data Vulnerability Assessment service can be easily resold to your local ISPs or Corporate customers thanks to our B2B option.

How it works

Following a period of setup where we collect the list of assets you would like scanned (external IP addresses, external web sites), on a regular basis we provide you with industrialised and optionally customised reports according to your needs via a secured web portal, to which you will have access.

qualys_reference

Our customers' testimonials

report
Stéphane Oudin
CEO of Axian Telecom

“Overall, we are very satisfied with the security services Orange provide. The solution will allow us to protect large operations over all of Axian’s affiliates.”

Read more here



Interested in our solutions?

Ban_listening - responding_White
delivery-footer
Delivery
86% of our customers tell us they are satisfied or very satisfied with the way their offers are implemented
customer-care-footer
Customer Care
Our customer service center provides 24x7 care through the Orange eCare
service-manageemnt-footer
Commercial relationship
94% of our customers are satisfied or very satisfied with their account manager and 90% of our customers commend us
billing-footer
Billing & cash management
90% of our customers are satisfied or very satisfied with our billing process
Follow us
  EventsEvents NewsroomNewsroom
Legal matters Personal data Contact us Orange.com Orange Wholesale France Orange Marine eCare