Vulnerability Assessment

A vulnerability assessment is the testing process used to identify and assign severity levels to as many security defects as possible in a given timeframe. This process may involve automated and manual techniques with varying degrees of rigor and an emphasis on comprehensive coverage. Using a risk-based approach, vulnerability assessments may target different layers of technology, the most common being host, network, and application-layer assessments. Vulnerability testing helps organizations identify vulnerabilities in their software and supporting infrastructure before a compromise can take place.

In a Network Security Audit an organization’s complete infrastructure is assessed for any kind of weakness in their systems by which an attacker could cause a potential harm or damage to the organization. We perform a detailed review of the Network Architecture, Policies, rules and internal setting related to Network Devices, Servers and Workstations, etc

BENEFITS OF VULNERABILITY ASSESSMENT

Identify risks

Vulnerability Assessment helps organisations identify underlying vulnerabilities which are at risk of being exploited

Meet Compliance

A Vulnerability Assessment is necessary requirement for being compliant

Improve Security posture

Helps you to identify open risks and propose a plan to mitigate them

Validate security controls

Validate whether your inplace security controls are efficient and reliable

METHODOLOGY

Scoping

Discussion to set the parameters for the project. Understanding project parameters and requirements

Reconnaissance

This phase includes active and passive information gathering. Details of target network, device architecture, operating systems,etc are gathered.

Assessment

This phase covers Network, Port and Vulnerability scanning. Assessment of vulnerable machines and services is performed. Includes Whitebox / Blackbox testing along with automated and manual techniques

Reporting

Discussion of audit findings with the team and report submission is performed under this phase

DELIVERABLE

At the end of activity you receive a report with the detailed findings, their impact, CVE score and steps for their mitigations. Vulnerabilities are risk ranked to prioritised remediation.