- Knowledge Base
- General
- Providers
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
Information for service providers
This information is for service providers, such as web hosting companies, companies providing hosting for CMS systems, and companies providing cloud services and SaaS.
What is Holm Security VMP?
Holm Security provides a platform for vulnerability assessment called Holm Security VMP. The platform performs network and web application security scanning to find vulnerabilities. The testing is performed using a large number of different techniques to identify mainly poorly configured systems, outdated software with vulnerabilities, and security issues in web applications like the ones within OWASP's top 10.
Read more about OWASP's top 10 here:
https://support.holmsecurity.com/knowledge/what-is-owasp-top-10
Why do vulnerability assessments?
Performing vulnerability assessment helps our customers maintain high security to avoid being hacked and to comply with rules and regulations such as GDPR (General Data Regulation Regulation) and NIS (Network and Information Security). Even if most providers have a high level of security, it's still the customer that suffers from security breaches. Accordingly, they need to verify the security.
What impact will scanning have on our systems?
The impact is minimal. Holm Security VMP is designed to minimize the network bandwidth it uses so that the impact on network traffic load is minimal. If a scan detects that the device performance is bad or deteriorates during a scan, it will adapt dynamically and reduce the scan intensity and speed.
Consider that all your public systems are constantly exposed to hackers, so Holm Security VMP's tests don't differ from what you're exposed to today.
What are the benefits for me as a provider?
The benefit for you as a provider is that you get extra security testing of your services, which will improve security for the customer and maybe other customers as well.
How do I admit the customer to perform scanning?
Holm Security recommends emailing customers the following phrase to confirm that they can perform scans from Holm Security VMP.
English:
We hereby confirm that we allow <name organization> to perform vulnerability assessment scanning using Holm Security VMP for the following IP addresses/IP address ranges and web applications/websites:
<specify each IP address/IP address range and web application/website>
Swedish:
Vi bekräftar härmed att vi tillåter sårbarhetsskanning med Holm Security VMP av följande IP-nummer/IP-nät och webbapplikationer/webbplatser:
<specificera varje IP-nummer/IP-nät och webbapplikation/webbplats>