Vulnerability Assessments

  • Home
  • Vulnerability Assessments
Vulnerability Assessments

A Vulnerability Assessment of your infrastructure provides you with a high-level overview of potential security weaknesses.

Vulnerability scans of your internal or Internet-facing infrastructure provides you with a cost-effective solution to quickly identify vulnerabilities that may be present. Typical vulnerabilities include missing operating system patches, outdated software, obsolete operating systems, default credentials and many other cyber-security weaknesses that may be very quickly identified by malware or an attacker who has already gained physical access to your network.

Not all companies require a penetration test to successfully evaluate their security posture.  Regular vulnerability assessments are often an alternative.  An engineer performs vulnerability scanning to search systems for known vulnerabilities without exploitation attempts with an end goal of providing a remediation report prioritized on risk.

As with all vulnerability assessments, there is a possibility that “false positive” results may be present in the assessment findings. Furthermore, some vulnerabilities that would only be identified during a manual penetration test may not be identified, as very often, identifying these vulnerabilities is only possible through manual testing. If you require a security assessment of your environment which is representative of a real-life attack, we would strongly recommend considering a manual penetration test, as this will provide you with a more accurate set of test results.

Methodology

Using the latest scanning tools and techniques, we conduct a full vulnerability assessment on the given IP address range.This assessment serves to provide you with an up-to-date snapshot of the vulnerabilities on both the internal and external network that may be exploited by a malicious attacker. A full port scan is also included and all available services are checked to ascertain if they have known vulnerabilities present.

Prerequisites

  1. A signed & completed Testing Consent Form
  2. List of IP addresses or hostnames to be assessed