This is a follow-up to my recent posts about the company RandomStorm and its products.
After my initial phone conversation they gave me complimentary access to their xStorm cloud-based vulnerability scanner.
Recently I had some time to investigate; these are my findings, hope you enjoy.
First off, this is only a brief look at this product; there is probably a lot more to it than I can explore here with the limited trial that RandomStorm gave me.
OK, first you have to start up your browser. I chose Google Chrome, but Firefox or even Internet Explorer will suffice.
You will be met with a login screen.
Enter your credentials and you are at the System Dashboard. Here you will find all sorts of info about the systems you have scanned, vulnerabilities found, etc.
At first the System Dashboard will be empty, as you won't have any scans or hosts set up, so head to the Settings tab to add a host. Click Add Scan Targets, fill in the details, accept the terms and conditions and click ADD.
Next we go to the Scanning tab:
- Select the IPs you wish to scan by highlighting them on the left and using the arrows to move them into the Selected box.
- Select the scan type. Full Vulnerability or PCI Scan are recommended.
- Schedule the scan, or simply press Start Assessment.
Once the scan is complete (and this can take a while), we can head over to the Reports tab.
On the Reports page we need to select the hosts we want the report on and the type of report: HTML or PDF format, between which dates, etc. Hit the Run Report button and wait a few seconds.
Luckily for me no vulnerabilities were found, but it could be a whole different story if the systems were not set up as well as mine.
I also took the PDF report, which I've shown below.
As a comparison, I did a scan of the same IP address/server with Rapid7's Nexpose Community edition, and this returned the same results, so at least we have some consistency.
Also, as a baseline for the test, I ran a scan of Damn Vulnerable Web App using both Nexpose and xStorm.
The web server was placed in my DMZ and scanned across the internet. Nexpose reported the expected vulnerabilities (I won't give them away, but you should investigate this on your own; good practice for wannabe pentesters), but xStorm did not return any results at all. I tried this three times.
I cannot even begin to guess why this failed to produce any results when Nexpose returned scan results every time; strange, given that xStorm functioned perfectly on the first test.
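The two checks above (same host through two scanners, and one scanner coming back empty against a host known to be vulnerable) are worth doing systematically whenever you trial a scanner. The following is an added example, not part of the original post and not code from RandomStorm or Rapid7: it reconciles two scanners' findings by host, port and case-folded title, and treats a scanner that returns nothing for a host the other scanner did report on as an inconclusive scan rather than a clean host. The finding lists, host addresses and titles are constructed sample data, not real xStorm or Nexpose output.

```python
from collections import namedtuple

Finding = namedtuple("Finding", "host port title severity")

# Constructed sample findings (not real xStorm or Nexpose output).
SCAN_NEXPOSE = [
    Finding("203.0.113.10", 80, "Cross-Site Scripting", "high"),
    Finding("203.0.113.10", 80, "SQL Injection", "critical"),
    Finding("203.0.113.10", 22, "SSH weak MAC algorithms", "low"),
]
SCAN_XSTORM = [
    Finding("203.0.113.10", 80, "sql injection", "high"),
]
SCAN_EMPTY = []  # models the run where one scanner produced no results at all


def normalise(finding):
    """Key a finding by host, port and case-folded title so the same issue
    matches even when two vendors capitalise or rate it differently."""
    return (finding.host, finding.port, finding.title.strip().lower())


def compare_scans(a, b, name_a="scanner_a", name_b="scanner_b"):
    """Return which findings both scanners agree on, which only one saw,
    where they disagree on severity, and which hosts are inconclusive."""
    index_a = {normalise(f): f for f in a}
    index_b = {normalise(f): f for f in b}
    common = sorted(index_a.keys() & index_b.keys())
    only_a = sorted(index_a.keys() - index_b.keys())
    only_b = sorted(index_b.keys() - index_a.keys())

    # Severity disagreements on findings both scanners reported.
    severity_mismatch = [
        k for k in common if index_a[k].severity != index_b[k].severity
    ]

    # Failure mode: a scanner with zero findings for a host the other scanner
    # did report on. That is an inconclusive scan, not evidence of a clean host.
    hosts_a = {f.host for f in a}
    hosts_b = {f.host for f in b}
    inconclusive = {
        name_a: sorted(hosts_b - hosts_a),  # hosts name_a said nothing about
        name_b: sorted(hosts_a - hosts_b),  # hosts name_b said nothing about
    }
    return {
        "common": common,
        "only_" + name_a: only_a,
        "only_" + name_b: only_b,
        "severity_mismatch": severity_mismatch,
        "inconclusive": inconclusive,
    }


def verdict(report):
    """Summarise a comparison as 'consistent', 'disagree' or 'inconclusive'."""
    if any(report["inconclusive"].values()):
        return "inconclusive"
    only_keys = [k for k in report if k.startswith("only_")]
    if any(report[k] for k in only_keys) or report["severity_mismatch"]:
        return "disagree"
    return "consistent"


if __name__ == "__main__":
    first = compare_scans(SCAN_NEXPOSE, SCAN_XSTORM, "nexpose", "xstorm")
    print(verdict(first), first)
    second = compare_scans(SCAN_NEXPOSE, SCAN_EMPTY, "nexpose", "xstorm")
    print(verdict(second), second["inconclusive"])
```

The point of the `inconclusive` bucket is the DVWA case: an empty report from one scanner, when the other scanner found open services and issues on the same host, should be followed up (reachability from the scanner's source addresses, firewall logs in the DMZ, the scan's own job status) before it is read as "no vulnerabilities".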
Overall the system will probably suit a company that doesn't have in-house pentesters/security staff; it's a great tool for quickly auditing your external servers to see if they are secure.
But I think real pentesters/security staff will prefer to do this type of scanning/vulnerability testing using more manual methods.
Nice product overall: easy to use, and the reports are easy to understand; it will really help lots of SMBs stay safe.