SSH Risk Assessment

Take the first step to solving the SSH compliance problem

Contact usWhat's included?

vincent-guth-pziQZlPhVdE-unsplash-1

Non-disruptive SSH Risk Assessment service

We use unique scanning technology that does not affect ongoing SSH-enabled access, such as critical machine connections in financial and industrial environments. The outcome is a comprehensive prioritized report that identifies PAM bypass and helps you mitigate SSH Key risk, gain compliance and pass your IT audit.

SSH Risk Assessment is available before committing to any UKM purchase. The main goal is to determine what security risks and vulnerabilities exist due to SSH Keys in your IT environment and how you you can meet your specific compliance requirements.

What's included?

SCREENSHOT_Risk_assessment

Reveal PAM bypass and take all connections under management 

Our SSH Risk Assessment service is able to analyze your estate, and identify and flag SSH Keys that have been used for logins and those that have originated outside of policy-mandated PAM solutions. Our advanced software can also identify connections using other authentications, such as passwords, that originate beyond your PAM software.

ssh-risk-assessment-authorizations-to-production-servers

Transitive trust analysis mitigates lateral movement

Our non-disruptive discovery technology reports on possible pivot points that malicious actors can use to exploit to access user data. Many well-known data breaches, involving both internal or external actors, involve unmanaged SSH Keys that enable lateral movement between servers that goes undetected by security systems.

SCREENSHOT_Risk_assessment2

Segregation of duties data protection requirements

Analyze and identify SSH Keys that enable connections outside an approved perimeter. For example, you can identify all keys that provide access to your production  environment and potentially allow unauthorized access to sensitive databases, like healthcare, credit card or customer data.

SSH.COM is trusted by
Global

Designed with and for the world’s biggest corporations

SSH Risk Assessment is a professional service from SSH.COM for large organizations that provides in-depth information around the use of SSH and key-based authentication in complex IT infrastructure.

We leverage our in-depth technology expertise, our industry leading IP, our custom-developed scanning and reporting software, and our wide-ranging experience with thousands of enterprises and state/federal agencies, to provide a service that is fast, efficient and effective.

Checklist

In-depth analysis and your path to success

Our detailed reports provide visualizations that illustrate trust relationships that are within and outside of policy and from known and unknown sources.

Executive summaries, charts and graphics give your team actionable information for internal stakeholders in audit, risk, compliance and the C-suite.

You gain clear understanding of the scale of your SSH key risk and exposure and prioritized recommended actions for success.

SCREENSHOT_Risk_assessment2

SSH Risk Assessment projects include comprehensive documentation

  • An audit of your SSH Key Environment, i.e. determining what you have now.
  • An inventory of all active (or potentially active) SSH Keys in your environment.
  • An IT Security Risk Assessment Report
  • Recommendations to solve and/or remediate your uncovered situation.
  • SSH Key Usage Analysis e.g. using data from syslog import.
  • SSH Login Analysis e.g. login method & successful/failed access attempts.
  • SSH Key Compliance Analysis e.g. against NIST, SOX, HIPAA, PCI-DSS, and/ or SANS CIS rules as desired.
  • SSH Server Configuration Compliance Analysis e.g. against NIST, SOX, HIPAA, PCI-DSS, SANS CIS recommendations.
  • SSH Key Environment Monitoring for a predetermined period.
  • Monitoring determines what is actually occurring in your environment, so you can make an informed decision.

    Learn how major corporations mitigate their SSH risks

Talk to our experts about our non-invasive SSH Risk Assessment service for complex SSH environments

Thanks for submitting the form.