SAINT Security Scanner
The SAINT Security Scanner is a commercial vulnerability assessment platform. SAINT, which is an acronym for Security Administrator’s Integrated Network Tool, was initially developed as a free UNIX tool. Later SAINT became part of a commercial suite of tools for vulnerability detection, exploitation, and more.
The SAINT Security Scanner is available on multiple platforms, including both appliances and cloud platforms. The key capability of SAINT is to detect security vulnerabilities on any mix of servers, workstations, and networking devices and hosts. SAINT will gather information such as operating system types and identify open ports.
SAINT also provides a graphical user interface (GUI). The SAINT GUI brings excellent visibility to data management and analysis, scan scheduling and configuration, and a wide variety of reporting capabilities, all accessible through a web browser. The SAINT dashboard offers easy filtering so that users can look past plain severity ratings and get to the threats most important to an organization and its business. SAINT uses analytics to give the data business context for prioritizing vulnerabilities. The SAINT tutorial gives an overview of the basics of vulnerability identification, management, prioritization, and remediation.
The SAINT Security Scanner has added a multitude of features to its Security Suite, including broader support for the Center for Internet Security (CIS) benchmarks. CIS benchmarks include baseline configurations and associated best practices for configuring a system securely using CIS controls. CIS controls include references and mappings to many other frameworks, such as the NIST Cybersecurity Framework and ISO 27001/27002.
SAINT also includes important SIEM integrations, agent-based capabilities, and various third-party ticketing integrations. The ticketing system supports workflow automation, which allows security teams to customize and specify the process flow they want to use. SAINT also provides agentless scanning, which provides additional benefits. SAINT vulnerability probes can target assets contained and referenced in various policies.
Trending is always important in vulnerability management. SAINT provides a graphical trend line to easily visualize the relative state of cybersecurity resiliency. Severity sets can be customized based upon the needs of the enterprise so that prioritization decisions are optimized to the current situation. These severity sets can also be structured around different standards and frameworks to provide better alignment with compliance. These data structures allow users to drill down into the data to view detailed information about vulnerabilities.
The SAINT Security Scanner is highly flexible. SAINT allows the alignment of vulnerabilities with Common Vulnerabilities and Exposures (CVE). CVE provides a standard methodology for sharing information on cybersecurity vulnerabilities and exposures. SAINT also provides for establishment of CVSS scores, known exploits, and more.
Reporting, especially for compliance, is always very important in any vulnerability scanner. SAINT provides predefined report templates which can be customized as required. SAINT supports scanning solutions for most of the commonly required compliance frameworks including PCI, FISMA, NERC CIP and SOX.
How does a SAINT security scan work?
SAINT reviews every accessible system on a network (systems must be powered on) for both TCP and UDP services. SAINT then launches probes that detect and identify anything that could allow an attacker to gain unauthorized access, cause a denial of service (DoS), or in some other way access and exfiltrate restricted information about the network. Then the SAINT scanner checks for known vulnerabilities. Once vulnerabilities are detected, the results are analyzed and then categorized so that users can move rapidly to the information they find most important.
SAINT can identify and assess:
- Software vulnerabilities
- Operating system vulnerabilities
- Missing patches and related issues
- Web application vulnerabilities
- Antivirus installations
- Configuration errors
- Sensitive information exposure
- And much more.
Vulnerabilities are often categorized according to severity, type, or count. SAINT also provides information about specific hosts or a specific group of hosts. SAINT describes each of the vulnerabilities using CVE, CERT advisories, and IAVA (Information Assurance Vulnerability Alerts). Most importantly, SAINT provides information on how to remediate the vulnerabilities. The SAINT scanner provides information on updates or new software versions that will mitigate the detected vulnerabilities.
SAINT provides critical remediation information
Fast, effective response to vulnerabilities is essential to managing and reducing risk. SAINT provides tutorials, rules-based ticketing, and automated workflows that will even automatically close open tickets once correct remediation has been found and validated. SAINT can reduce the time spent sifting through content so that security operations can more quickly prioritize and remediate the most dangerous vulnerabilities.
SIEM integration is key
SAINT integrates with SIEM, GRC solutions, incident response, and asset management systems.
Continuous validation and monitoring
SAINT allows for continuous monitoring and assessment on a 24 × 7 basis. This helps ensure that remediation actions have been correctly accomplished. SAINT’s automated recurring scans help make sure that reassessments and validation are conducted per your policies while still identifying any vulnerabilities.
How is the SAINT Security Scanner deployed?
There are several deployment options available for SAINT. You will need to navigate to the SAINT download portal and log in to learn more: https://my.saintcorporation.com. The SAINT download option is a basic choice. SAINT is also available as a pre-configured virtual machine.
SAINT also offers a hosted scanning service via infrastructure called SAINTCloud. The SAINTCloud service is provided through hosted web servers as a shared multi-tenant environment. SAINTBox is a pre-configured appliance that provides an easy and affordable turnkey solution for getting started quickly and makes installation and updates easy. And finally, SAINT may also be acquired through the AWS Marketplace as a pre-configured machine image.
SAINT support
Support includes phone and email Monday through Friday 8:30 a.m. to 6 p.m. at no additional cost. This may have changed, so please check the SAINT website: https://my.saintcorporation.com.