Attaka

O n - d e m a n d v u l n e ra b i l i t y
assessment and management
 ATTAKA

Platform for Vulnerability Assessment

and Management
What is vulnerability assessment?

It is a process for the identification of networks and devices

vulnerabilities, performed before intruders can exploit such security
http://openware.biz

failures. Its result must prove whether the network security complies with
established policies.

Why subscribe to a vulnerability assessment service?

To detect possible failures in security policies.

To preserve the uninterrupted operation of your business and intangible
assets.
To fix software failures that affect your company's security,
performance or functionality.
To change software configurations in order to make them less
vulnerable to attacks or to improve certain functionalities.
To enhance antivirus software, firewalls, IDS/IPS and VPNs.
To achieve compliance with quality and management standards such as
ISO17799, Sarbanes Oxley, etc. Web Portal, home.

ATTAKA. A different kind of vulnerability assessment

"An integrated and cooperative management tool".

Attaka is one of the Managed Web Services (MWS) Portfolio components,

oriented to simplify your organization's IT processes.
Attaka is a unified platform for vulnerability assessment and
management, activated on client's demand. It cooperates with your
organization's IT Security and System areasSystems departments, by
identifying, reporting and recommending accurate solutions for your data
network vulnerabilities. Its accuracy also adds value to your company by
enhancing tasks of compliance with Official Standards and Procedures in
your Computer Security and System areasdepartments.
"Openware has developed an excellent expertise
as an integrator of added value technologies and
added value services to communications,
allowing its corporate clients to implement new
tools that increase their productivity.”
Marcelo Girotti
Commercial Manager
IMPSAT

It consists of the following modules:

Discovery: Asset consolidation and assessment (internal and external).

Reporting: Interactive, historical and dashboard reports with key

indicators and summarized information on vulnerabilities, statistics
and current infrastructure state.

Remediation: This includes documentation and workflow. Follow-up,

improvement and resolution of issues are recorded in the Patch
Management process (vulnerability remediation). The company
security areadepartment participates interactively and everything is
recordedregistered on the same platform.

Support: 24/7 on-line access based on ITIL Help Desk that provides
support and further information in case of you need it.

1
 ATTAKA. Continuous protection

ATTAKA assesses thousands of security vulnerabilities on network

environmentsneighborhoods, preventing system operating failures and
interruptions, while avoiding harm caused by virus, worms and crackers.
As vulnerabilities are periodically assessed, platform and client will enter
into a learning process and acquire a higher knowledge of the network
security state. Previous attacks will be recorded historicallyin a log,
allowing to know past and current security states through indicators
http://openware.biz

showing the vulnerabilities solved, pending and new.

At present, ATTAKA is the only platform in Latin America in process of

being recognized by MITRE*, which means the product or service uses CVE *MITRE organization CVE , Common
names, and is thus in compliance with international vulnerability naming Vulnerabilities and Exposures aims for
standards (http://cve.mitre.org/compatible/organizations.html#openware). standardization in vulnerability identification by
unique names.

More information at http://cve.mitre.org

Benefits for Your Organization Business

Drastically reduces the probability of strategic business information

theft and accidental loss.
Drastically reduces the probability of large financial loss due to
information leakage toward competitors and other actors in your
company's business environment.
Protects your company's most valuable asset: information.

Benefits in Technology Department

Scalable and adaptable to each organization.

Reduces operating costs, by minimizing TCO for vulnerability

assessment and management tasks. Reduces human error and false
positives, by double checking with our security specialists and
knowledge bases.

Easy operation and implementation does not require network changes,

special software or experts to make it works.

Complements and adds value to firewalls, IDS and antivirus software,

by detecting failures in their configuration.

Speeds up security troubleshooting processes, presenting added

information for a quick viewing of the company's vulnerability state,
complete details for each vulnerability ranked by risk level, and the
recommended action for solving it. Web portal, reports.

Scalable to IP networks of any size, with the possibility of assessing

hundreds of IPs per report/session.

Performs external and internal audits under company management.

Integrates with company's Help Desk to provide better support to

clients. Multi-language capability – Spanish and English. Flexibility to
incorporate Partners Look & Feel and its own logotype.

Possibility of performing remote vulnerability assessments in local

area networks (ATTAKA indoor) and IP numbers with no presence on the
Internet, through a new module in our Security Sensor (The Block).

2
 Service Line Scope

Attaka Outdoor

On-demand external vulnerability assessment, with the possibility of

adding remediation and support modules from Openware SOC (Security
Operation Center).
Performed on public IP addresses whether they are routers, firewalls,
http://openware.biz

proxys or servers.

Oriented to clients who: Why choose Openware Attaka?

Require an audit on security policies, their configuration and potential Leader in industry and sector.
risks, as well as an improvement process for detected issues; in Proven business track record.
compliance with quality and management standards such as ISO17799, Local and regional support.
Sarbanes Oxley, and others. ISP and technology independence.
Adds value to IT Departments.
Already have a security platform, generally implemented through a Easy and quick implementation.
firewall and/or IDS/IPS. Cost-effectiveness due to economy of scale.
Confidentiality of information through
Have servers exposed on the Internet (Mail, Extranet, Web, Proxy, signature of an NDA.
Portals, etc).

Have not yet implemented perimeter security or adequate control

processes.

Web Portal, remediation.

"Enterprises that implement a vulnerability management process will

experience 90 percent fewer successful attacks than those that make an
equal investment only in intrusion detection systems.”

Gartner, Inc.

3
 Attaka Indoor

On-demand internal vulnerability assessment, with the possibility of

adding remediation and support modules from Openware SOC.
Performed on public/private IP addresses, differentiating between
servers and workstations.
Requires installing The Block, Security Appliance, on the DMZ in the
network to be assessed.
http://openware.biz

Oriented to clients who:

Require an audit on security policies, their configuration and potential

risks, as well as an improvement process for detected issues; in
compliance with quality and management standards such as ISO17799,
Sarbanes Oxley.
Have critical servers with central applications. Do not have adequate
control processes for patch management.
“Openware's responsibility, ethics and
professionalism make it easy for us to choose
their services when we need solutions for
perimeter security and network infrastructure.
Moreover, adding the result produced by the tool
Attaka, the overall outcome is unbeatable.”

Oscar Salvucci
Require an intelligible vulnerability follow-up and management Information Security Manager
process, advised by experts, previous to external audits of Penetration Nuevo Banco Bisel S.A.
Tests.

Web Portal, support.

Segmentation for Servers and Workstations

Report Remediation Support

Professional
(1024 ports)
Business
(20000 ports)
Corporate
(full ports)

4
 About Openware

Openware provides management services and remote support for IT infrastructures, in

three fundamental areas:
Managed network security services.
Managed IT infrastructure support services.
Professional integration and securization infrastructure services.

The company works with a team of experienced professionals, who are trained to
work on-site as well as remotely, from their operation centers in Buenos Aires, Rosario
and Madrid.

Openware keeps strong strategic relations with technological partners the size of Novell,
Citrix, Cisco and Global Crossing.

Our strong positioning in the market, together with CSE and ITIL practices, allows us to
continue attracting and developing top-class professionals, in order to respond
accordingly to our clients' growth.

Openware Managed Security Services

Openware is one of the first managed service providers in Latin America. The managed
service line Openware has developed, is based on the long-term experience our company
has obtained as a provider of consultancy, integration and support services to large Latin
American companies and service providers.

Openware has optimized its experience and knowledge as a consultancy, integration and
IT support provider, during the last 10 years, by managing to automate processes and
reduce production costs and by designing its line of managed services.

Our managed service line is the best choice when seeking to significantly reduce data
network operating costs, and to simplify and make your company's technology platforms
more flexible. Thus, high costs in structure and human resources training and availability
24 hours a day, can be reduced. Managed services allow to outsource costly or complex
functions at a reasonable cost, in keeping with service quality standards and a high level
of security and confidentiality.

Products

On-demand vulnerability Intrusion and perimetral

assessment and management assessment management

IT platform and
infrastructure management

Europe Latin America

Rodríguez Marín 92, 1ero D
(28016) - Madrid - Spain
Phone No.: +34 91 771 41 76
E-mail: infoeuropa@openware.biz
Elvira Rawson de Dellepiane 150/Piso 7
(C1107BCA) Puerto Madero
Buenos Aires - Argentina
Phone No.: +54 11 43114353
Av. Francia 889
(S2002QRA) Rosario - Argentina
Phone No.: +54 341 4389041

E-mail: infolatam@openware.biz