Vulnerability Scanning and Assessments

A vulnerability assessmnet exposes weaknesses before you are exposed to a breach

Vulnerability Assessments

Make sure you go for the maximum vulnerability assessment possible.

Attackers know how to maximise damage and target key assets in networks. The increasing growth of cyber-crime attacks and the associated risks means all organisations should have a vulnerability management process as part of their information security strategy.

A good vulnerability assessment proactively discovers network, device and application security vulnerabilities. It should provide a clear view of what needs to be prioritised. Remediation and mitigation  activities should be proficiently documented and all staff trained to understand the strategy.  

The sooner you detect vulnerabilities the better able you are to protect your systems and assets. Keep in mind that attacks are likely to come from many different areas and there needs to be a plan to deal with every eventuality. Do not focus on only the most obvious vulnerabilities because you think they could expose you to the most extreme threats. Sophisticated attacks are those that often exploit the smallest and least detectable vulnerability and can sit on a system unnoticed for some time collecting valuable information.

Choose a service that offers a host of scanning types and scanning services. Relying on only one scanner will not provide the comprehensive view of vulnerabilities that necessary for a worthwhile assessment.

We can check your vulnerability status

Our vulnerability assessments help predict and protect

We constantly monitor the industry and collect data on emerging threats and advanced persistent threats. Using this knowledge we can develop a plan and strategy that identifies weaknesses in applications and networks (both internal and external), applies corrective action and provides on-going monitoring.

We use the most up-to-date Knowledge Base of vulnerability checks and analysis in the industry. Networks are scanned using cutting edge methods and an adaptive process that utilises an Inference-Based scanning engine. Detection of unauthorised devices and identification of rogue machines remove risks that threaten the overall system and network security. Tracking mechanisms are employed to verify the inventory of all device types, operating systems, patch levels, hardware configuration and other relevant information.

Our assessments look at all aspects of your system including:

  • Network infrastructure (full perimeter testing)
  • Virtual infrastructure
  • Host
  • Ports
  • Applications
  • Web server
  • Web application (including tests for OWASP Top Risks)
  • Mobile devices
  • Databases
  • Sensitive content
  • Anti-virus
  • Operating systems
  • Computers tested against SCAP security benchmarks

Configuration and Compliance audits are carried out at the same time to ensure all IT assets, content and system configurations are compliant with policies and standards.