Penetration testing and vulnerability assessments are often confused for the same service. A vulnerability scan is an automated, high-level test that looks for and reports potential vulnerabilities. A penetration test is an exhaustive, live examination designed to exploit weaknesses in your system.
Identify and detect vulnerabilities arising from misconfigurations or programming errors within a network-based asset such as a firewall, router, web server, application server, etc.
Benefits of Vulnerability Assessment Scanning
- The assessment creates a definitive inventory (map) of all the devices on your network. This also includes vulnerabilities associated with a specific device.
- The inventory will provide useful information to assist with upgrades and future security audits/assessments.
- Locates and identifies any potential security holes within your network before hackers do.
- Assists in identifying the level of risk that exists within your network.
- Optimise your security investments – ensuring you are getting the best value for your money.
The Razorthorn Approach
The accuracy and scope of the scan is extremely important, because they determine how well the results can be used to find and fix the highest priority security and compliance issues, allowing for enhanced productivity and an accurate view of the security posture of your organisation.
With this in mind, a qualified and experienced Razorthorn security professional will perform the vulnerability scans using a virtual Qualys scanner on the required IP addresses, which has 99.9% accuracy over more than 6 billion scans per year.
The vulnerability scan will provide full visibility into where IT systems might be vulnerable by finding the individual threats on each of the IPs scanned.
The Three Phases of Vulnerability Assessments
1. The Scoping Phase
(and potentially The Set-up Phase)
This phase is where the scope of the testing is determined via the provision of the IP ranges. If the scan is to be performed on your internal infrastructure, a virtual scanner will need to be installed on your network for access.
2. The Mapping/Scanning Phase
This phase is where the agreed IP addresses are mapped (to assist with scope determination) and/or scanned for vulnerabilities and threats.
3. The Reporting Phase
Razorthorn will generate two Vulnerability Reports:
High Level Report
A high-level report to summarise the results, ideal for advising non-technical directors and management.
A technical report which identifies in detail the vulnerabilities and threats found, along with guidance on how to remediate each vulnerability.
Vulnerability Assessment Scanning
A one-off scan
- Our experienced professionals have provided a great many organisations with scanning solutions over the years.
- Our prices are extremely competitive. Our company ethos is that security doesn’t need to be expensive to be effective.
- We provide experience, expertise and an outside-the-box approach to remediation to ensure your organisation is fully protected from threats.