If you care about your IT infrastructure and you want it safeguarded, you should regularly have vulnerability assessments performed. This service checks either or both network components like firewalls, routers and servers as well as web application components such as websites, portals and restricted web access systems. The goal of the assessment is to find loopholes in security, which would allow an intruder to gain unauthorized access.
The checks include the search for known and unknown system or web application vulnerabilities, missing patch levels, out of date operating systems, out of date software revisions as well as open and exposed ports.
- Network Vulnerability Assessments
- IOT Vulnerability Assessments
- Web Application Vulnerability Assessments
- Mobile Application
- Cloud Vulnerability Assessments
- Social Engineering
What’s the difference between a Vulnerability Assessment and a Penetration Test?
A Vulnerability Assessment is the first part of a Penetration Test. During a vulnerability assessment, the customer receives a report which outlines all different vulnerabilities encountered, advices on missing patch levels, out of date hardware and software and provides mitigation advice to close the loopholes down.
A Penetration Test on the other hand will also try to actively hack all systems where vulnerabilities have been encountered. For small businesses a Vulnerability Assessment is usually sufficient. A vulnerability system is non-intrusive, which means no harmful actions against the tested systems are being performed.