What is Vulnerability Testing?
A Vulnerability Testing service checks either Network / Infrastructure components (Firewalls, Routers, Servers etc.) or Web Application Components (Websites, Portals, Restricted Web Access Systems etc.). The goal of the service is to find loopholes in security, which would allow an intruder to gain unauthorized access.
Checking Network equipment (Servers, Routers etc.) for Vulnerabilities
Checking Web Applications (Websites, Portals etc.) for Vulnerabilities
Same methods Hackers employ prior to hacking into a client network
What Checks are being performed?
The checks include the search for known and unknown system or web application vulnerabilities, missing patch levels, out of date operating systems, out of date software revisions as well as open and exposed ports.
Known and Unkown Vulnerabilities in Network or Web App components
Out-of-date software / hardware in use
Missing patches
Open and exposed services and ports
Why is Vulnerability Testing necessary?
Millions of Internet facing customer networks are being attacked on a daily basis. If you care about your IT infrastructure and you want it safeguarded, you should regularly have vulnerability assessments performed, before a malicious hacker exploits potential weaknesses.
How many systems do have vulnerabilities?
In our assessments we find that 95% of all of our clients have either at least one or more critical, high or medium severity vulnerability.
Why are there so many vulnerabilities?
IT landscape changes at rapid speed. Businesses use a lot of open source software, don’t maintain latest software revisions, have unnecessary services and port exposed to the Internet but are unaware of the security holes they are introducing.
Wrong configuration of servers
Running out of date software / missing patch levels
Weak Application Coding
Use of Open Source software
Exposing unneeded ports and services to the Internet
Vulnerability Test vs. Penetration Test
A vulnerability assessment is a series of manual investigation / probing as well as automatic scanning and it reports on all known vulnerabilities and flaws found in systems. A Penetration Test takes the encountered vulnerabilities and flaws and tries to actively exploit them to gain access to the systems like a malicious hacker would.
VULNERABILITY TESTING PACKAGES
BRONZE Package
- Network Vulnerability Testing against specified IP enabled devices
- Web Application Vulnerability Testing against specified Web Apps
- Service can contain External and Internal Vulnerability Assessments
- Executive summaries, in-depth technical report and mitigation advice
- One time off or yearly test
SILVER Package
- Network Vulnerability Testing against specified IP enabled devices
- Web Application Vulnerability Testing against specified Web Apps
- Service can contain External and Internal Vulnerability Assessments
- Executive summaries, in-depth technical report and mitigation advice
- Twice a year testing package (10% discounted)
- Delta report comparison to the previous report
GOLD Package
- Network Vulnerability Testing against specified IP enabled devices
- Web Application Vulnerability Testing against specified Web Apps
- Service can contain External and Internal Vulnerability Assessments
- Executive summaries, in-depth technical report and mitigation advice
- Quarterly testing package for maximum protection (20% discounted)
- Delta report comparison to the previous report