Vulnerability scanning and assessment
Vulnerability Scanning and Assessment
Identify vulnerabilities on internal or external infrastructure and assess their potential impact to your business
Improsec provides a vulnerability scanning and assessment to establish a baseline security level of the currently deployed workstations, servers, network equipment and other devices connected to the network.
Identify vulnerabilities on publicly exposed or internal infrastructure
Assessment of the vulnerabilities’ potential impact to your business and ease of exploitation
Identify inefficient patch management on workstations, servers, network equipment or other devices (printers, IP telephones, video surveillance, etc.)
Identify devices connected to your network not managed by the IT department
The deliverable of the assessment is a written report containing the following:
A non-technical section with an Executive Summary for management and decision makers
A technical section that is based on our overall risk assessment. It will include relevant detailed critical, high and medium severity observations, potential impact and tangible recommendations
An appendix including all identified vulnerabilities across all severity levels
Our vulnerability scanning and assessment is based upon recognized resources like configuration recommendations and CVE information released by vendors and renowned institutes such as Cisco, Windows, SANS and MITRE, combined with our own professional experience and expertise.
During the vulnerability scanning, we use industry standard automated tools. In our vulnerability assessment we manually verify the vulnerabilities identified during the scanning and remove false positives. Optionally information about the identified vulnerabilities are enriched with information about whether a public exploit is available and how easy it would be to exploit in your specific environment.
The delivery requires minimal involvement of your technical staff.
Download full description as PDF file