1. Schedule a 30-minute Discovery Session
2. We determine IF and HOW we can help
3. We provide a Tailored Proposal
4. Together, we review the Proposal
A Vulnerability Assessment is the process of evaluating assets in an enterprise for missing patches and misconfigurations. Often the vulnerability assessment is in support of regulatory compliance or compliance with a standard. The process identifies and prioritizes vulnerabilities based on criteria such as the likelihood of the vulnerability being exploited and the severity of the vulnerability – what the vulnerability provides the attacker when used. These criteria are used to categorize the vulnerability as Critical, High, Medium, Low, or Informational.
We assess systems using vulnerability scanning tools and manual methods to identify and prioritize findings based on the criticality of system vulnerabilities. We scrub findings to eliminate false positives and prioritize risk, based on existing security controls for your environment. The Vulnerability Assessment looks for missing patches and existing vulnerabilities for each system. We use authenticated scans wherever possible to reduce false positives and improve accuracy.
We typically perform a Vulnerability Assessment on an internal enterprise environment and a Penetration Test against the external, public-facing systems. We can, however, perform a Vulnerability Assessment against your external systems and wireless systems as well.
How do you know the steps you took to fix our vulnerability assessment report findings actually worked? Validation removes the guesswork. When you’re ready, after fixing the issues identified in the vulnerability assessment report, we offer a deep discount to rerun the same vulnerability assessment. This is a crucial and often overlooked step in this process. Validating security controls, patches, and other fix actions is extremely important. We have discovered numerous organizations that thought they fixed a finding we identified, only to discover after another assessment that the finding was still there.
Interested in improving your security by identifying vulnerabilities and Fixing them in a step-by-step prioritized manner, based on risk?
Contact Us or use the form for more information about our Vulnerability Assessment services.
A vulnerability assessment is less-intrusive than a penetration test. With the vulnerability assessment, we identify vulnerabilities, but do not exploit them. A penetration test goes beyond a vulnerability assessment by exploiting vulnerabilities and seeing how far into your environment an attacker can go by taking advantage of system or application vulnerabilities.
The number of cybersecurity incidents continues to climb. The variety of attacks continues to grow. It is no longer a question of if you will have a cyber event.