Vulnerability Assessment
Vulnerability
Identify the Vulnerability, before someone exploit it
Vulnerability Assessment
Vulnerability Assessments identify and address any security exposures before attackers can exploit them. Scanning tools are used to scan all IP addresses on the network and to identify vulnerabilities such as out of date software and patches. Depending on scope, assessments can cover an organization’s internal network, external boundary or both.
The vulnerability assessment report will show a detailed network map of all end points which can be referenced against the company’s IT asset register. Any unofficially added devices to the network are thus identified – such rogue devices are seldom hardened or secured and therefore introduce unwanted risk to the network.
Cyber Essentials Plus requires that networks covered by the certification are scanned for vulnerabilities every six months, this is good practice whether you are certified or not. Contact us to discuss our discounted recurring cyber assessment packages. Our tests include, but are not limited to the following areas:
SQL injection
Cross site scripting
Convert data harvesting
Password and credential harvesting
Denial of service
Application and operating system exploitation
Server and network shutdown
Patching status: Patch management status for Microsoft, Mac OS X, and Linux Operating systems and applications.
Full network audit: Hardware configuration testing for all connected devices, including wireless and mobile.
Software audit: Mapping of installed software on all connected devices and identified vulnerabilities
Our vulnerability assessment can cover the following (scope agreed with client):
Firewalls
Routers
Managed / Un-Managed Switches
User Endpoints & Access Devices (UAD)
Servers (Windows / *nix)
Wireless Access Points
Web Applications
Public Website