A vulnerability assessment is a method of identifying and quantifying the vulnerabilities within a device, system or network. This service is not as deep as a penetration test, but it is not designed to be. In many cases one of the first things to do is to gain an understanding of the vulnerabilities within the estate and identify the “low hanging fruit” where an attacker may be able to gain unauthorised access to a system. Correcting common mistakes identified by a vulnerability assessment can reduce your exposure by up to 90%, and in turn, lower the chances of a successful attack against the environment. Throughout our experience of consulting, forensics and testing, most issues stem from the basics, and vulnerability analysis is a core tenet of security testing used to resolve common errors, misconfigurations, or missing patches.
Internal Network
The internal network-layer vulnerability assessment is usually conducted through a device installed on-site, and identifies network layer vulnerabilities within standard application stacks. Vulnerabilities are indexed by version 2 of the Common Vulnerability Scoring System.
Output: Internal vulnerability assessment report identifying which IP addresses and host-names are affected, details of the vulnerability, an indication of severity and advice on remediation activities.
External Network
The external network-layer vulnerability assessment is conducted from our secure datacentre location against your internet-facing system components. The network layer test identifies network layer vulnerabilities within standard application stacks. Vulnerabilities are indexed by version 2 of the Common Vulnerability Scoring System.
Output: External vulnerability assessment report identifying which IP addresses and host-names are affected, details of the vulnerability, an indication of severity and advice on remediation activities.
Web Application
The external web application vulnerability assessment is conducted remotely. The application layer test identifies application layer vulnerabilities based upon version 4 of the Open Web Application Security Project (OWASP) testing methodology and includes testing against the 10 most common types of application vulnerabilities, often referred to as the OWASP top 10.
This test can also be completed for internal web applications through a device installed on-site. Our testers will evaluate the web application from an insider’s perspective.
Output: Web application vulnerability assessment report identifying which IP addresses and host-names are affected, details of the vulnerability, an indication of severity and advice on remediation activities.
Our assessment methodology can be conducted in unauthenticated and authenticated modes. Unauthenticated testing is conducted where the assessed entity does not share any credentials with the assessor. The vulnerability assessment covers the ports, protocols and services which can be enumerated by the assessment. Whereas, authenticated testing is conducted where the assessed entity provides authentication credentials with the tester. The vulnerability assessment can then login to system components which provides a more detailed report on the patching and configuration of the system components within the scope of the assessment.
Vulnerability assessments should be conducted on at least a bi-annual basis as they are a great way to maintain an overall ongoing level of security, ensuring that all relevant security patches are in-place and that system configurations follow acceptable practices and are being maintained appropriately. Our service allows for these to be conducted on-demand or in a retained service basis with a specified number of tests to be conducted against a defined testing scope.
We use humans to do our vulnerability testing and not just rely on a platform – why? So that the results are reviewed and will be real. Having seen many reports there are numerous instances where identified vulnerabilities cannot be validated, cannot be exploited or blatantly do not exist. Your time is precious so our team ensures what you get back is real and an accurate reflection of your security.
PCI-Secure provides this service to commercial customers as well as those in high risk areas of gambling and insurance. You have never heard of these companies or seen them in the news, as they use our services to stay secure! It is no longer a case of if but when and how badly. Our consultants are real people and the team have skills across testing, forensics, ISO27001 implementation and PCI DSS so we can provide real world testing and pragmatic remediation. If the team spots a breach or potential breach, we are best placed to use our forensic services to confirm if this has occurred, and can help you throughout the criminal and legal processes. Talk to us today about how we can help you….