Insourcing for simple, low-cost, and fast security assessment
VAndS enables tool assessment, support for handling security assessment results, and manual testing to be conducted as required by the customer. This means minimizing and optimizing the costs for hiring, training, and maintaining expensive tools and specialized personnel who have been required for in-house support.
There is no need for complicated settings to introduce the cloud security diagnostic tool. After registration of the host to be assessed, inspection can be performed simply by recording the URL and parameters of the screen to be inspected in the tool, so security diagnosis can be performed without putting a heavy workload on the person in charge for installation and maintenance.
“I found the vulnerability, but I do not know how to handle it.” In order to help solve such issues, we have highly experienced security consultants at our vulnerability support center. They also provide specific advice when there are issues with investigating and handling security assessment results due to a lack of the required in-house knowledge.
In addition to tool assessment via the tool, when quality checks are required from a wide range of assessment perspectives such as pre-service release, adding large-scale functions, and conducting periodic assessments, SHIFT security engineers can perform comprehensive manual testing based on items that meet international standards.
As an optimal tool for security assessment insourcing, VAndS selected the tool for the ease of incorporation into CI environments such as Jenkins. This enables repetition of continuous assessments regardless of the development phase and assessments from important security perspectives to be performed at any time.