Vulnerability Assessments

‘Having an approach to identify baseline technology builds and processes for ensuring configuration management can greatly improve the security of systems. You should develop a strategy to remove or disable unnecessary functionality from systems, and to quickly fix known vulnerabilities, usually via patching. Failure to do so is likely to result in increased risk of compromise of systems and information.’ National Cyber Security Centre (NCSC), 10 Steps to Cyber Security

Vulnerability Assessments identify and address any security exposures before attackers can exploit them. Scanning tools are used to scan all IP addresses on the network and to identify vulnerabilities such as out of date software and patches. Depending on scope, assessments can cover an organisations internal network, external boundary or both.

The vulnerability assessment report will show a detailed network map of all end points which can be referenced against the companies IT asset register. Any unofficially added devices to the network are thus identified - such rogue devices are seldom hardened or secured and therefore introduce unwanted risk to the network.

Cyber Essentials Plus requires that networks covered by the certification are scanned for vulnerabilities every six months, this is good practice whether you are certified or not. Contact us to discuss our discounted recurring cyber assessment packages. 

Our tests include, but are not limited to the following areas:

  • SQL injection

  • Cross site scripting

  • Convert data harvesting

  • Password and credential harvesting

  • Denial of service

  • Application and operating system exploitation

  • Server and network shutdown

Patching status: Patch management status for Microsoft, Mac OS X, and Linux Operating systems and applications.

Full network audit: Hardware configuration testing for all connected devices, including wireless and mobile.

Software audit: Mapping of installed software on all connected devices and identified vulnerabilities

Our vulnerability assessment can cover the following (scope agreed with client):

  • Firewalls

  • Routers

  • Managed / Un-Managed Switches

  • Hubs

  • User Access Devices (UAD)

  • Servers (Windows / *nix)

  • Wireless Access Points

  • Web Applications

  • Public Website


CSA has a team of experienced and certified cyber professionals who carry out our assessments. CSA adheres to the OSSTMM penetration testing methodology and code of ethics. Most of the CSA advisors are former UK Government cyber operations specialists who bring extensive Governmental and Industry cyber experience and expertise. At least one member of the assigned testing team will hold the Certified Information Systems Security Professional (CISSP) certification, in addition to bespoke cyber technical certifications and qualifications such as OSCP (Offensive Security Certified Professional).