CYBX can run tailored Vulnerability Assessments to help you meet your business requirements. Whether it be annual assessments for Cyber Essentials, a one-off test for peace of mind, or a regular monthly assessment for ongoing security. A vulnerability assessment will provide you with a clearer understanding of your internal and external security.
Vulnerability assessments are vital for compliance purposes, but also prove significantly beneficial for businesses that do not require the extensive testing offered by traditional penetration testing. A vulnerability assessment provides a comprehensive overview of your security, without considering any substantial variables that could potentially be introduced through manual configuration.
After your assessment, our team will provide your results, along with a tailored executive summary from our security testers to allow you to confidently review and action each item.
The Value of Vulnerability Assessments
Our Vulnerability Assessments help Network and Security Managers who want to identify vulnerabilities in their systems and/or applications by scanning their infrastructure or application security. By Identifying vulnerabilities we are able to advise on how to fix them and support you with comprehensive one to one support after scanning. This will enable your IT managers to understand and secure your systems and software. Unlike using scanning software from third party providers, the Cybx team are able to assist you in fully understanding the process and the findings, allowing you to resolve the issue and not just find it.
External Vulnerability Assessments
During a external vulnerability assessment, testers are able to identify the following:
- Exploitable vulnerabilities per host
- Misconfiguration of externally facing services
- Default passwords
- Running services on externally facing infrastructure
Internal Vulnerability Assesments
During a Internal vulnerability assessment, testers can identify the above issues plus:
- Patch Audit:
- Identify and isolate hosts missing specific patches
- Network-based Scan:
- Exploitable vulnerabilities on all devices and endpoints on the network, along with their CVE details