FAQ
FAQ
Answers to your questions
Frequently Asked Questions
We have compiled a list of answers to frequently asked questions.
Information security is a sub-area of IT security and refers specifically to the protection of information from unauthorised access, modification or destruction. Information security is important because information can often contain sensitive data such as personal information, trade secrets or intellectual property.
Cyber security refers to the protection of computer networks, systems, devices and data from online crime threats, including malware, ransomware, phishing and other attacks. Cyber security is an important component of IT security.
An attack on information can have serious consequences, such as loss of data, theft of information, damage to the company’s reputation, legal consequences due to breaches of data protection regulations and impairment of business continuity.
IT security refers to the protective measures taken to ensure the confidentiality, integrity and availability of information and systems. It covers aspects such as network and server security, application security and data protection.
IT security is important to ensure the confidentiality, integrity and availability of data and systems. Businesses, government agencies and individuals are increasingly affected by cyber-attacks, which can have financial and legal consequences and affect customer and public confidence.
Increasing digitalisation and networking in all areas of life has led to an enormous rise in the importance of IT security in recent years.
There are various attack methods and means that can jeopardize IT security, such as phishing, malware, ransomware, social engineering, denial of service attacks, vulnerabilities in software or hardware and inadequate security measures.
There are several steps you can take to improve your IT security, including implementing firewalls and antivirus software, regularly updating operating systems and applications, using strong passwords, training employees on cyber security and conducting penetration tests.
Regular review and updating of these measures is also necessary.
Employees should be regularly trained and sensitised to increase awareness of IT security. A security policy should be created and implemented to ensure that all employees adhere to the same standards. Training can also be conducted using practical examples and exercises.
Digitalisation and digital transformation require more intensive protection of information and IT systems, as an increasing amount of data and information is processed and stored digitally. The security of information is therefore an important prerequisite for the successful implementation of digitisation projects.
The IT security of a company can be assessed through a risk analysis and an evaluation of the existing security measures. An external audit or penetration test can also be carried out to uncover vulnerabilities and suggest improvements.
Vulnerability management drastically reduces the attack surface of a company’s IT. In addition, vulnerability management allows other IT security solutions in use (IDS/IPS and firewall) to focus on the actual hotspots: The solutions receive information about the most critical vulnerabilities. This takes place within a process that prioritizes vulnerabilities based on accepted standards (SCAP) and company-specific factors and removes or mitigates them in line with critical business processes. Ideally, this process is part of a comprehensive IT security policy.
A security incident is an event in which the security of IT systems or data is compromised. These can include data leaks, unauthorised access, malware infections and other types of cyber attacks.
A security policy is a set of rules and procedures established by a company or organisation to ensure IT security
Vulnerability management is the process of identifying, prioritising and remediating vulnerabilities in IT systems and applications. The goal of vulnerability management is to minimise the risks posed by vulnerabilities by identifying and fixing them quickly before they can be exploited by attackers.
Our system only scans the environment defined by users of the hardware or virtual appliance for possible vulnerabilities. The person placing the order determines the target and thus the infrastructure to be scanned, whereby only company networks and no personal data (detailed definition in our privacy policy) are checked. The resulting data remains exclusively with the users of the appliance. No data is passed on either to the manufacturing company or to any third parties. In addition, the defined environment can be checked for compliance guidelines using preconfigured scan configurations to ensure that all components integrated in the system meet the required specifications.
The production and distribution of security software is not a criminal offense under Section 202c of the German Criminal Code (“hacker paragraph”). This was expressly clarified by the Federal Constitutional Court in its ruling of May 18, 2009 (2 BvR 2233/07). According to the Federal Constitutional Court, only the production and distribution of computer programs whose purpose is to spy on or intercept data is punishable under Sections 202a and 202b of the German Criminal Code. This requires that the software was developed with the intention of committing these offenses. It is not enough for a program to be suitable for the commission of computer crimes. As our software is developed and used for security purposes, it does not fall within the scope of § 202c StGB.
A penetration test, also called a pen test, is a method of assessing the security of IT systems and applications by performing an authorised attack. The aim is to identify vulnerabilities in systems and applications before they can be exploited by attackers.
In contrast to other security solutions, vulnerability management allows you to view your IT infrastructure from the outside – from the perspective of a potential attacker, so to speak. The aim is to find every existing vulnerability in your IT infrastructure. And that’s not all: our solution shows ways and processes to eliminate them. There is no other solution that could take over these functions completely.
Click here to access the contact form for product inquiries.
Talk to us about a trial.