NETWORK

VULNERABILITY ASSESSMENT

Network Devices

Internal

Threats appear within the environment behind the external layers of protections an organization may have in place, such as a firewall. Internal scanning is highly valued by customers in all industries as they are used to identify vulnerabilities within the corporate network such as; operating systems, third party libraries, internal databases, internal APIs, connected IoT devices and other network devices such as printers, fax machines and phones.

External

Threats lurk on the line of defenses your organization has in place. It is highly recommended to conduct external vulnerability assessments for your organization on a semi-annual basis as malicious actors develop new tactics and skills. Network endpoints required to be tested are; firewalls, email servers, VPN gateway, web application servers, cloud hosted end-points and all other external facing devices which may be an entry point to mission critical assets.

When should my organization have a vulnerability assessment?

• Satisfy PCI, HIPAA and NERC-CIP compliance 
• To match up critical vulnerabilities with critical assets
• To identify all false-positives and false-negatives
• At least annually, recommended semi-annually

• After changes to your configurations or hardware
• Patch management remediation on discovered vulnerabilities
• AS OFTEN AS YOU LIKE

Vulnerability Analysis Approach & Methodology

1. Define Scope

Detailed outline with the customer to define what assets are in scope.

4. Vulnerability Analysis

Utilize enterprise and custom scanning tools to uncover vulnerabilities.

2. Information Gathering

Map out the corporate infrastructure based on services, ports, hardware, software and operating system. 

5. Reporting

Creation of  Executive and Detail technical reports for both management and remediation team.

3. Threat Modeling

Determine mission critical and connected assets to corporate data through white, gray or black box approach.

6. Exit Call

Call scheduled with customers management and remediation team to explain in detail the findings and assist in remediation processes.

1. Define Scope

Detailed outline with the customer to define what assets are in scope.

2. Information Gathering

Map out the corporate infrastructure based on services, ports, hardware, software and operating system. 

3. Threat Modeling

Determine mission critical and connected assets to corporate data through white, gray or black box approach.

4. Vulnerability Analysis

Utilize enterprise and custom scanning tools to uncover vulnerabilities.

5. Reporting

Creation of  Executive and Detail technical reports for both management and remediation team.

6. Exit Call

Call scheduled with customers management and remediation team to explain in detail the findings and assist in remediation processes.

Advisory Solutions

VULNERABILITY ASSESSMENT

Network devices, Cloud infrastructure, Web applications, Wireless, Mobile applications and Internet of things devices

PENETRATION TESTING

Network devices, Cloud, Wireless, Web application, Internet of things devices, Mobile applications, Social engineering, Continuous penetration testing and Active directory enumeration

Your Trust, Our Protection

talk to a cyber security expert today!