Vulnerability Assessments & Penetration Testing

What can vulnerability assessments and penetration testing do for your organization?

Vulnerability assessments are technical reviews using non-invasive technologies such as port scanners and information gathering tools to obtain information about an organization’s technical defenses. After documenting and reporting this information, senior management can either decide to implement new security counter-measures as a result of the risk analysis process or accept the risk and move to testing. After the terms of engagement of agreed to, the security penetration testers will attempt to gain access through ethical hacking means. Finally, a report will be provided to the client and advisory on policy changes may occur. 

  • Gather information using vulnerability scanning and information gathering tools.

  • Prepare a comprehensive port of vulnerability findings and the potential of exploitation.

  • Upon review of report by management, negotiate terms of engagement for penetration testing.

  • Conduct invasive security penetration testing to determine actual exploitability of known vulnerabilities.