Vulnerability Management

Vulnerability Management

Understand and Act upon Your Risks

A Holistic Understanding of Risk

Vulnerability scans are business-critical. But the results lose much of their meaning if viewed in isolation. With this in mind, the comprehensive reporting engine offered by SIX contextualizes results against wider scans. This allows us to alert you and respond to serious vulnerabilities at the earliest possible moment.

Customers can define the frequency of scans and tailor the schedule to their own specific needs. This includes running additional scans at short notice when vulnerabilities are suspected.

How You Will Benefit

SIX seeks to ensure the best possible protection for both itself and the system-critical Swiss banking infrastructure by identifying relevant security incidents at an early stage.

Thomas Rhomberg, Head Security Operations & Transformation

About This Service

The SIX vulnerability management service is characterized by breadth and rigor. A single isolated scan won’t tell you much, but our comprehensive reporting engine compares your results to countless other scans to alert you to vulnerabilities at an early stage. With SIX, you stay protected.

Service Overview

The vulnerability management service of SIX is the only one in Switzerland that was developed from within the financial sector and understands the regulatory requirements of Swiss banks and insurance companies from its own experience.

Not only are customers informed early about vulnerabilities but they have access to a nationwide benchmark that compares their data with a sample from the whole of Switzerland.

How the Service Works

SIX works with customers to define the various types of internal and external vulnerability scans required and plan for how often they are to be carried out. We correlate and evaluate the results of these scans using our proprietary reporting engine and inform customers immediately in the event of an increased threat situation.


Scan Options

For your vulnerability assessment SIX provides the following scan options:

  • remote scan: letting you see things from an attacker’s perspective
  • onsite scan: concentrating on your Local Area Network, ensuring that security does not end at the perimeter
  • port scan: focusing on locating network resources
  • vulnerability scan: an extension of the port scan that also checks for known vulnerabilities in operating systems and applications