Vulnerability Assessment
Identification, classification, and prioritization of security vulnerabilities in computer systems, applications, and network infrastructuresWith the use of our Vulnerability Assessment, companies can have their entire infrastructure and products checked for already known vulnerabilities at cost-effective prices. We evaluate identified vulnerabilities by severity and provide mitigation guidance. This allows for convenient prioritization in addressing the identified vulnerabilities. A vulnerability assessment scales remarkably well. It is possible to examine a large network with thousands of hosts in a short period of time.
Vulnerability Assessment Process
The Vulnerability Assessment process consists of four steps: Asset Discovery, Vulnerability Scanning, Risk Evaluation, Mitigation
Asset Discovery
The first phase is to identify and categorize all systems and applications. Network scanners, service and version detection tools are utilized for this task, among other techniques. The goal is to obtain a complete overview of the applications or infrastructure for the next step, which is vulnerability scanning.
Vulnerability Scanning
Vulnerability scanning automatically examines all identified applications and hosts for known vulnerabilities. This is done both actively using payloads and passively using identified versions.
Risk Evaluation
When vulnerability scanning is finished, all identified vulnerabilities are manually evaluated. An assessment is then performed based on severity and likelihood.
Mitigation
The mitigation involves formulating recommendations to address the identified vulnerabilities.
Procedure and Objective
The procedure and objective of the vulnerability assessment, e.g., to achieve a security level in accordance with the current state of the art, are coordinated with the client. Among other things, this involves determining the steps to be taken in the assessment, defining contingency measures, and specifying safety-critical systems that are to be excluded from the assessment, for example.
If you want to be confident that your system is protected from threats, then contact us! If you want to achieve an even higher level of security, we recommend a penetration test which includes a vulnerability assessment.