SAINT is an acronym for the Security Administrator's Integrated Network Tool. This product was first offered commercially in 2001 by the company derived from the original acronym. SAINT Corporation has since expanded this offering into two products: SAINT Security Suite and SAINT Cloud. Fundamentally, the key capability of both solutions is to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of network hosts. It will also gather information such as operating system types and open ports. The graphical user interface provides access to data management, scan configuration, scan scheduling, data analysis, and reporting capabilities through a web browser.
SAINTexploit is the legacy product term for the penetration testing component of SAINT’s product lines. Prior to version 8, this component was available as an integrated component of the “professional” edition of the product. As of version 8, this capability is now fully integrated in both Security Suite and SAINTCloud and is accessed simply via the Exploit menu option. It allows the user to verify the existence of vulnerabilities by exploiting them and gathering evidence of penetration. Unlike vulnerability and configuration scanning probes, which detect various types of vulnerabilities and configuration weaknesses, exploits run different probes which are meant to gain command execution access to targets. Detected vulnerabilities are displayed in the Analyze capabilities at the “record level of detail” and include a separate exploit column to highlight whether an exploit is available for the applicable vulnerability. Both solutions also provide pre-packaged “Pen Test” scan policies which automatically choose exploits based on the target’s operating system and open services. This scan policy can be used in conjunction with interactive processes to achieve an in-depth penetration test. Information learned from initial scanning and analysis can be used to devise attack strategies to obtain a connection to vulnerable targets, and possibly initiate multiple attack methodologies (exploits, exploit tools, social engineering, etc.) to help you demonstrate the impact of the vulnerabilities and prioritize remediation efforts.
The scanning process begins by detecting all live targets within the given target list or range. The selected scanning policy then determines which core probes are run against each target. Results from the probes are used by the inference engine to schedule additional probes and to infer vulnerabilities and other information based on rule sets. Final scan results are then stored in the back end database to support data analysis and reporting through either the browser interface, command line Interface (CLI) or accessed via the application programming interface (API).
There are five (5) deployment options available for the fully-integrated
solution. Your individual installation, configuration and administration
activities may vary, depending on your specific deployment option.
Software Download –
The Security Suite download option is available for those that wish
to control where and how the product is installed, configured and
managed in their environment. The download options are available via
the mySAINT customer portal.
Virtual Appliance –
Security Suite is also available as a pre-configured virtual machine.
Since the product only supports native installation on Linux-based
hosts, a VM deployment option enables customers to deploy the product
on Windows-based machines.
SAINTbox®
– SAINTbox is a pre-configured
appliance that provides an easy and affordable turnkey
solution for getting started quickly and makes installation and updates
easy.
Cloud-based Software
– SAINT also offers a hosted scanning service via SAINTCloud. This
service is provided through our hosted web servers as a shared multi-tenant
environment. It is also available as a dedicated deployment for customers
with larger capacity or special scanning requirements. The hosted
service enables scanning TCP and UDP services on Internet-facing targets,
based on the selected policy and host type fingerprinting executed
during target discovery, as well as internal host scanning via secure
VPN tunneling or remotely deployed scanners (i.e., distributed scanning
nodes).
Amazon Machine Image (AMI) – Security Suite is also available through the AWS Marketplace as a pre-configured machine image. SAINT offers two deployment options for this AMI:
Non-preauthorized AMI for customers that require one deployment option that supports both direct access to the management console and scanning engine; and
Pre-authorized AMI for customers that wish to connect to an AMS-deployed scanning node that is configured to scan into AWS EC2 instances without prior approval of Amazon.