Vulnerability Assessment

Service request

Why bother?

It is vital for an organization to keep its infrastructure up to date. While security issues (such as configuration issues, missing security updates or insecure applications) can be identified by inspecting every IT resource in detail manually, this type of investigation will generally require time and resources better spent elsewhere. In order to streamline this process, we propose initiating an IT vulnerability scan, allowing you to quickly identify:

  • any vulnerabilities in your IT infrastructure;
  • devices missing critical updates;
  • device misconfigurations (e.g. – default credentials active).

Additionally, risks will be categorized according to the potential impact on your infrastructure, allowing you to set priorities according to the severity of the issue, enabling you to organize an effective risk mitigation plan.

What's the process?

Step 1. We will scan your IT vulnerabilities according to your instructions - either by publicly available resources from the Internet (online) or from intranet resources.

Step 2. We will use automated security testing tools for scanning, i.e. Nessus Professional and BurpSuite.

  • Nessus Professional: one of the world’s leading vulnerability scanners with an engine that allows us to quickly identify more than 60 000 vulnerabilities of various types;
  • Burpsuite Professional: a web application scanner used to identify vulnerabilities found within web applications (e.g. SQL, XML injections, XSS).

Step 3. Any information gathered during the vulnerability scanning phase will be presented in a report with detailed descriptions of the issue, the projected impact on the infrastructure, as well as detailed recommendations on risk mitigation.

What will it provide to my organization?

An IT vulnerability assessment provides a way of quickly identifying vulnerabilities in your IT infrastructure, giving you an overall view of your organization’s security. This process is automated: the observations made will be categorized according to their individual level of the potential risk to the infrastructure. Additionally, we will provide recommendations for risk mitigation.

What are the benefits?

  • Overview of your company’s IT security posture.
  • Identification of potentially unknown or suspicious devices within the network.
  • A quick and effective identification of IT security risks.
  • Network change monitoring via regular scans.
  • Improved network security if recommendations are implemented.
  • Increased knowledge of IT security and associated risks.

This service is provided by Squalio.

A Squalio representative will contact you shortly.

Let's protect.

We are happy to share our knowledge, experience and expertise. Let us know what you need, and we will contact you directly.