What is Bitdefender BOX Vulnerability Scan?
Internet of Things (IoT) devices are commodity products, and the only way to make a profit is to keep costs to a minimum while increasing production. While security should be a top priority for all vendors, real-life shows that security and security testing are the most frequently overlooked aspect. Some of these devices ship with default or hard-coded credentials. Others harbor bugs in the firmware that can be remotely exploited. Most owners are unaware of these security flaws until their devices are exploited.
Bitdefender BOX incorporates technology to help users understand which devices on their network are affected and how they should address this. Vulnerability Scan is a Bitdefender BOX feature that scans your network, identifies and informs you about all vulnerabilities found in connected devices and network equipment that can compromise integrity by leading to remote, unauthorized access, data theft, or malicious attacks.
From experience, we know that hackers will not breach your smart TV to turn it on and off or to zap between channels, but rather to gain access to your other devices. It only takes one weak device to allow access to your entire home network. Fortunately for you, Vulnerability Scan can help you identify these vulnerabilities and remediate them quickly.
How does the Vulnerability Scan technology work?
Whenever you plug a device into your network, Bitdefender BOX picks it up and identifies it using several proprietary technologies. After it is correctly identified, it passes to the Vulnerability Scan technology for a series of tests specific to the device make and model to identify misconfiguration and flaws.
Some of these tests are related to the way it interacts with the network. They include checks for open services that might inadvertently expose the device to the outside world (SSH, Telnet) or default credentials known to ship with the device. A dictionary attack is also run to identify weak passwords that may have been set by the vendor or user.
Bitdefender BOX goes much deeper into probing for flaws than other IoT security appliances. Bitdefender Cyber-Threat Intelligence analysts create “device cards” by compiling public vulnerabilities (CVEs), as well as issues discovered in-house, to give users a full overview of their security posture. In-house research includes manually inspecting the devices’ firmware, cloud-based components, and web apps to piece together a complete view of the device’s security.
Bitdefender BOX keeps a vigilant eye on these devices. After the initial automatic vulnerability scan, users can initiate an on-demand vulnerability assessment for any device online whenever they need one. It’s as easy as tapping a button!
Assess network vulnerabilities with Bitdefender BOX Vulnerability Scan
By default, all devices are scanned for vulnerabilities the first time they connect to your Bitdefender BOX network.
To perform an on-demand vulnerabilities scan:
1. Open the Bitdefender Central app installed on your smartphone and go to the “Devices” icon at the bottom of the screen.
2. In the list of devices, select the device you want to scan for vulnerabilities. To illustrate, we chose an Android phone.
3. Scroll down until you will see the Vulnerability Scan card. Tap on it to initiate the network vulnerability assessment.
Fix Vulnerabilities
After the vulnerability scan command is sent to a device, make sure the selected device is online to receive the command.
As soon as the vulnerability assessment is complete, the total number of vulnerabilities identified will be displayed. By tapping the View Report button in the Bitdefender Central app, you can review the status of your devices and address each issue to keep your environment secure.