Press - Success Stories


The following case studies show how some of our customers used our product to secure their networks and save valuable resources.

Customer A:
Large hi-tech firm developing CRM solutions for customers worldwide:

  • Customer A's customers and partners connect to their Web site using a user name and a password in order to purchase the products and use the company's information portal.
  • The Web server is placed in a co-location at a large ISP, well protected behind a firewall, content filtering applications, etc.
  • Customer A uses Automated Scanning and produces weekly differential reports.

Two months after the scans began, an attacker used a security vulnerability that had been identified during the scans but not fixed to place a backdoor on the server. The backdoor was meant to give the attacker complete access to the server, to let the attacker manipulate the information on it, and to use the compromised server to "leap-frog" and attack other servers on the ISP's network.

Automated Scanning's differential reporting immediately highlighted this backdoor. The security hole that caused this compromise had been reported in previous scans, but the administrator had decided not to act on it immediately. He was therefore alarmed to see that this vulnerability led to an actual break-in. Finding the backdoor shortly after it was placed saved money and limited the damage caused by the compromise. In fact, the attacker did not have time to do anything other than place the backdoor, so the usual damage of a break-in was avoided thanks to the quick identification of the incident. The information Customer A's Security Officer received from the Automated Scanning report enabled him to quickly instruct the system administrator to fix the security hole using the solutions that appeared in the vulnerability report.

Company B:
A company providing public services that have implications on national security.

This company had conducted quarterly penetration tests using a top data security consulting company and paid over $20,000 each quarter to perform these scans. The company used Beyond Security's remote Automated Scanning service on their systems (from the Internet). "High Risk" security holes were found in the report, which means that an attacker can gain full access to the main server.

The company was shocked, especially because the periodic penetration test had not revealed those holes. Company B requested a further "proof of concept" and asked Beyond Security to exploit this vulnerability and penetrate the server in order to show the magnitude of the problem. We did so, and exploited that specific vulnerability using exploit code that is publicly available on SecuriTeam.com. Our team was able to gain control over their database, and add ourselves as a trusted "agent" in the system.

The reason this vulnerability was not discovered during the penetration testing was simply that the vulnerability we found was new, and the penetration test performed several weeks before our scan was already obsolete! Company B was able to quickly fix the hole using the solution found in the report, and installed an Automated Scanning server to perform regular checks.

Customer C:
This customer is a governmental office.

The customer was using an information security product in order to secure their main web site from Internet attacks. The customer used our Automated Scanning server in order to check the DMZ network for security weaknesses and found that this product uses a database that had its SQL service open to the outside, allowing anyone on the DMZ (or an attacker that gained access to the DMZ) to get into the database and exploit vulnerabilities in this off-the-shelf database product to further gain access to the server.

This government office did not even know that a database was running in the background, and that it was gathering sensitive information about their network activities. In addition, the official office policy is not to use any database products without coordinating this with the security officer, and this was clearly in breach of that policy.

The customer bought an Automated Scanning server and installed it for both internal and external scanning. In addition, they could now contact the web security company and ask them to fix this previously unknown security hole immediately. This customer has additional Web sites that were protected with the same tool, and they found that all of them suffered from the same problem.