Vulnerability Assessment

Image - Vulnerability Assessment

External Vulnerability Assessment

External Network Vulnerability Assessment will enumerate systems and detect vulnerabilities from a public scope. This is the most significant attack surface. A misconfiguration in the perimeter will almost certainly be exploited, as it is exploitable from virtually anyone with internet access.

In scope

  • Public IP addresses (Office or Cloud) scanned for vulnerabilities and checked for inclusion in enumerated IP/service databases.
  • Domain names scanned for security misconfigurations including DNS and email security details (anti-spoofing technologies enrollment)
  • Assess on inclusion of corporate credentials in data breaches.
  • Outward facing services enumeration and assessment.
  • Email Security technologies enrollment and messaging security evaluation
  • High-level recommendations on mitigating found risks

Internal Vulnerability Assessment

Internal Vulnerability Assessment will enumerate systems and detect vulnerabilities from a scope within the network. In addition to insider threats, this is the scope that a threat from a compromised system (like an infected computer) would be able to operate.

In scope

  • Internal Network Architecture & Segregation overall assessment
  • Internal Servers vulnerability assessment
  • Workstations vulnerability assessment
  • Network devices vulnerability assessment
  • Wireless Networks vulnerability assessment.
  • High-level recommendations on mitigating found risks