What is vulnerability assessment?
Vulnerability assessment is the use of automated tools to identify known security vulnerabilities in your environment. It checks whether the minimum level of security settings have been switched on and the appropriate security patches have been deployed.
When do you need a vulnerability assessment?
In general, we recommend Corporates to exercise the best practice to perform vulnerability assessment at least once every quarter. This is particularly the case when there’s major system, organization or infrastructure change or a need for compliance.
First, a list of asset inventory of all systems (servers, desktops, virtual machines, webcams, firewalls, applications etc.) to be scanned is identified. Then, our qualified security expert conducts the scanning using a variety of commercial and open source tools. The vulnerabilities discovered will then be analyzed and classified into different risk ratings. For each specific vulnerability, safeguards are recommended. Those safeguards, if implemented, may mitigate the security risks such as modification or destruction of data, disclosure of sensitive information, or denial of service to the users who require the information or the access.
A presentation (either remote or physical) of findings.
A final report includes executive summary, scope, findings, evidence and recommendations.
A follow-up sheet to keep track of remediation progress.
A regular vulnerability assessment plan can be offered (optional)