‘Having an approach to identify baseline technology builds and processes for ensuring configuration management can greatly improve the security of systems. You should develop a strategy to remove or disable unnecessary functionality from systems, and to quickly fix known vulnerabilities, usually via patching. Failure to do so is likely to result in increased risk of compromise of systems and information.’ National Cyber Security Centre (NCSC), 10 Steps to Cyber Security
Vulnerability Assessments identify and address any security exposures before attackers can exploit them. Scanning tools are used to scan all IP addresses on the network and to identify vulnerabilities such as out of date software and patches. Depending on scope, assessments can cover an organisations internal network, external boundary or both.
The vulnerability assessment report will show a detailed network map of all end points which can be referenced against the companies IT asset register. Any unofficially added devices to the network are thus identified - such rogue devices are seldom hardened or secured and therefore introduce unwanted risk to the network.
Cyber Essentials Plus requires that networks covered by the certification are scanned for vulnerabilities every six months, this is good practice whether you are certified or not. Contact us to discuss our discounted recurring cyber assessment packages.
Our tests include, but are not limited to the following areas:
Cross site scripting
Convert data harvesting
Password and credential harvesting
Denial of service
Application and operating system exploitation
Server and network shutdown
Patching status: Patch management status for Microsoft, Mac OS X, and Linux Operating systems and applications.
Full network audit: Hardware configuration testing for all connected devices, including wireless and mobile.
Software audit: Mapping of installed software on all connected devices and identified vulnerabilities
Our vulnerability assessment can cover the following (scope agreed with client):
Managed / Un-Managed Switches
User Access Devices (UAD)
Servers (Windows / *nix)
Wireless Access Points