Find the network threats that put your business at risk
A cloud delivered scanning solution to proactively assess the network and application risks your company might face – potentially saving you thousands.
Stay up to date and protected from threats
Vulnerability Services scan fixed IP addresses and web applications to assess and reduce the risk of known cyber security breaches, including zero-day threats. The solution also helps you meet compliance standards and provides network insights to prioritise your network security investments.
It’s backed by the world-leading technology of Qualys, one of the few organisations accredited by the PCI Council.
Vulnerability scan in four simple steps
Step 1: Receive your initial login details & personalise
You’ll receive a welcome letter with login details, which will include a link to the Qualys community site with training videos.
Step 2: Set up your scans and reports
Create and schedule the frequency and identify the network assets to be scanned, before running the report.
Step 3: Receive your report
Choose to receive reports via a URL link or email. Reports include a high-level summary, ranked order of priority, details for each vulnerability, recommended actions to fix each vulnerability and an assessment of your scanned network versus known threats.
Step 4: Learn more from the knowledge base
Access the community portal to gain more knowledge, interact with other users and receive updates on new features and functions.
This self-service option lets you set up scans on your external, fixed IP addresses for your network, web application and card payment systems. Detect threats in the cloud and stop them before they reach your corporate network.
Generate reports ranking and rating vulnerabilities through an easy-to-use portal. You can engage our consultants to evaluate basic reports in more detail and provide remedial actions.
Pricing is based on the number and type of scans required. You can be up and running within a few days.
A Telstra Security Consultant will perform scans based on your requirements and then provide a customised report of risks identified, vulnerability ratings and recommendations. This option is ideal if you don't have in-house expertise or need more detailed reporting.
To find out more, contact your Account Executive.
Best of breed solution
This solution is offered in conjunction with Qualys, the only provider offering a cloud solution for Internal and External Scanning with complete audit trails with verifiable results. Qualys is also a PCI-approved scanning vendor.
No matter what the environment, we can give you a view of your assets and the vulnerabilities that exist. Combine internal and external scans to view a single report on the state of your network. See where your IT systems might be vulnerable to the latest internet threats and how to protect them.
Flexible cost effective threat assessment
Get options based on the number and type of IP addresses you want scanned at a fixed monthly price with no upfront fee. Gives the flexibility to run scans when you want and provides insights to prioritise security investment.
Vulnerability Assessment can help you achieve PCI compliance status and secure your network as it’s designed to meet certain PCI scanning requirements. With integrated security and compliance, you can analyse, manage and view your IT security and compliance posture in one unified view.
We’ll scan your assets automatically on an ongoing basis, report any new vulnerabilities and help you stay on top of any new threats.
External IP Address Scans
You’ll have access to a cloud-based virtual machine instance that scans external public IP addresses and comprises the following features:
Payment Card Industry Data Security Standard (PCI-DSS) is a proprietary information security standard set up to ensure that companies handling credit or debit card information maintain a secure environment. Validation of compliance with the standard is performed annually, either by an external Qualified Security Assessor (QSA) or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.
Fixed number of Web Application Scanning (WAS)
Discover official and “unofficial” apps that may be residing inside your environment. WAS detects applications that are vulnerable to issues including the OWASP Top 10, SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and URL redirection.
Additional Web Application Scans
You can purchase additional Web Application Scans of your externally facing web applications.
PCI-DSS and Fixed number of Web Application Scanning (WAS) are both included when you purchase an external IP scan.
To find out more about these add-ons please contact your Account Executive.
Internal IP Address Scans
Provides a hardware or virtual scanning appliance located inside your network to scan one or more internal network segments. It allows the results of the internal scan to be combined with the external scan to provide a single report on the state of your network.
Zero Day Scan
Scan internal IP addresses for zero day vulnerabilities to check your applications and operating system against a constantly updated list of exploits that have yet to be patched. Identify vulnerable applications that can be quarantined from the network until a patch or update is supplied by the developer. We recommend that you run this scan on a daily basis for maximum effectiveness.
External IP Address Scan Pricing
Charges for External Vulnerability Scans (which includes the VM Scan, PCI Compliance scan and Web Application Scan) are set out below.
|No. IP addresses||Monthly charge (GST excl.)||Annual Charge (GST excl.)|
|8 IP addresses (includes 1 WAS)||$283||$3,056|
|16 IP addresses (includes 1 WAS)||$396||$4,277|
|32 IP addresses (includes 1 WAS)||$567||$6,124|
|64 IP addresses (includes 1 WAS)||$907||$9,796|
|96 IP addresses (includes 1 WAS)||$1,304||$14,083|
|128 IP addresses (includes 1 WAS)||$1,701||$18,371|
|150 IP addresses (includes 1 WAS)||$1,928||$20,822|
|200 IP addresses (includes 2 WAS)||$4,811||$51,959|
|300 IP addresses (includes 3 WAS)||$5,599||$60,469|
|400 IP addresses (includes 4 WAS)||$6,255||$67,554|
|500 IP addresses (includes 5 WAS)||$6,829||$73,753|
|600 IP addresses (includes 6 WAS)||$7,346||$79,337|
|700 IP addresses (includes 7 WAS)||$7,819||$84,445|
|800 IP addresses (includes 8 WAS)||$8,258||$89,186|
|Vulnerability Service Add-on – Additional Web Application Scans|
|No. IP addresses||Monthly charge (ex GST)||Annual charge (ex GST)|
|For each additional WAS||$68||$734|
Get started with your Vulnerability Services today
You'll need Telstra online access to purchase and manage your cloud services.
New to Telstra?
Create a new username and password, and register a new Telstra account for your company.
Once your Vulnerability Service offering is provisioned, you’ll be sent an email providing login details.
Things you need to know
The Vulnerability Services will only scan those IP addresses and web applications nominated and input by you and which you (and your system) allow to be scanned. You are responsible for identifying network assets to be scanned, configuring your systems to allow scanning (eg. removing firewalls), and choosing the frequency of your scans. Scan reports are a point in time scan of your network assets against a list of known vulnerabilities. You may only scan IP addresses and web applications you have written authority to scan.