Vulnerability scanning and assessment

 
 

Vulnerability Scanning and Assessment

Identify vulnerabilities on internal or external infrastructure and assess their potential impact to your business

Improsec provides a vulnerability scanning and assessment to establish a baseline security level of the currently deployed workstations, servers, network equipment and other devices connected to the network.

Value

  • Identify vulnerabilities on publicly exposed or internal infrastructure

  • Assessment of the vulnerabilities’ potential impact to your business and ease of exploitation

  • Identify inefficient patch management on workstations, servers, network equipment or other devices (printers, IP telephones, video surveillance, etc.)

  • Identify devices connected to your network not managed by the IT department

Product

The deliverable of the assessment is a written report containing the following:

  • A non-technical section with an Executive Summary for management and decision makers

  • A technical section that is based on our overall risk assessment. It will include relevant detailed critical, high and medium severity observations, potential impact and tangible recommendations

  • An appendix including all identified vulnerabilities across all severity levels

Method

Our vulnerability scanning and assessment is based upon recognized resources like configuration recommendations and CVE information released by vendors and renowned institutes such as Cisco, Windows, SANS and MITRE, combined with our own professional experience and expertise.

During the vulnerability scanning, we use industry standard automated tools. In our vulnerability assessment we manually verify the vulnerabilities identified during the scanning and remove false positives. Optionally information about the identified vulnerabilities are enriched with information about whether a public exploit is available and how easy it would be to exploit in your specific environment.  

Involvement

The delivery requires minimal involvement of your technical staff.


 
 

Download full description as PDF file