Services > Vulnerability Assessments
Each vulnerability assessment encapsulates a process to identify, classify, report on and provide remediation advice for the security weaknesses of a constituent’s IT infrastructure. It entails a scan to uncover exploitable weaknesses in network devices, servers and systems. The results are manually verified and then compiled into an easy-to-read, actionable report.
A combination of regularly scheduled vulnerability assessments and penetration testing will help institutions identify security weaknesses in IT infrastructure before they can be used in an attack. The institution can then take action to remedy the weaknesses and prevent an attack/compromise.
Key features:
- External and internal options available
- Multiple scanners used (commercial and open source)
- Scalable to unlimited IP addresses
- Optional DNS verification
- Customised report and remediation advice
- Severity-level classification to aid remediation prioritisation
- Manual (infosec expert) verification
- User-friendly, actionable report (reduced page count)
- Follow up advice or assistance (limited)
- Cost-effective charging model
What we need:
- Permission to scan – from the appropriate authority
- List of domain(s) and/or IP addresses
- Security contact details + PGP key
You get:
- Extensive, low-intensity assessment using multiple scanners
- Manual verification/analysis/research
- Report summarising the findings and providing actionable remediation advice
- Limited follow-up consultation if required
From passionate information security specialists!
![[TI: logo for TI accredited teams]](assets/img/TI-Accredited_120x120.jpg)
![[FIRST.org Logo]](assets/img/first-org-simple.png)