Vulnerability Assessment - WHAT is it?
A vulnerability assessment identifies, quantifies and prioritises (or ranks) the vulnerabilities in a system, using both system and application vulnerability scans.
System vulnerabilities normally exist because of exploitable programming errors in the operating system, and vendors normally release patches when these errors are made public. Patching hundreds or thousands of systems is a tedious business, though, and can sometimes disable functioning applications. Consequently, it is often resisted by IT departments.
Vulnerability scans are semi-automated processes that can check whether patches or updates have been installed, bugs removed and systems securely configured. They report everything found. Our auditors then carefully review the results to ‘sift out’ false positives, and check whether a vulnerability exists and action needs to be taken.
WHEN do I need it?
Vulnerability assessment should be a continuous process for every organisation exposed to the Internet.
We offer vulnerability scanning as a subscription service, usually on a monthly (recommended) or a quarterly or weekly basis. Scans run automatically, and the results are sent by email.