Vulnerability Assessment

What is Vulnerability Assessment?

A vulnerability assessment uses a vulnerability scanner to analyze your server and network environment for vulnerabilities. The assessment uses a combination of automated tools and manual verification to confirm the validity of vulnerabilities detected.

Vulnerability assessment can be conducted from within your network or from the public internet to determine your vulnerability exposure.

Vulnerability Assessment Process

How can we help?

Frequently Asked Questions

What is the difference between internal and external assessment?

Internal vulnerability assessment determines the exposure to a malicious insider attack and is conducted from within the customer internal network and from a segment where the targets are accessible.

External vulnerability assessment determines the exposure to a malicious outsider attack and is conducted from the public internet without modification of customer’s perimeter defence.

What is included in network vulnerability assessment?

Network vulnerability assessment is focused on the services running on the network and is primarily concerned with vulnerabilities at the operating system layer and common software (e.g. NIST CPE) of the target hosts and devices.

What is included in web application vulnerability assessment?

Web application vulnerability assessment is focused on the functionalities of the application and is primarily concerned with application layer vulnerabilities, especially the OWASP Top Ten Web Application Security Risks.

What tools do you use?

We use both commercial and open source tools including Tenable Nessus Pro, Burp Suite Pro, Kali Linux, etc.

Vulnerability Assessment

What is Vulnerability Assessment?

Network

Web Application

Workstations

Vulnerability Assessment Process

Scan

Verify

Report

Retest

How can we help?

Frequently Asked Questions

Contact Info

Common Links

Quick Links