Network Vulnerability Assessments are integral to a systematic and proactive approach to network security that reduces the risk associated with attacks aimed at system and network vulnerabilities and demonstrates compliance with relevant standards, laws & regulations.
Key activities include:
- Leveraging an open-source or commercial network vulnerability assessment tool to discover known system and network vulnerabilities; and,
- Analysis of identified vulnerabilities to minimize false positives, and structure the data in a manner that is most conducive to it being understandable and actionable; and,
- Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include: root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.
The predominant benefits realized by a Network Vulnerability Assessment are:
- Quickly identify configuration errors, and patch management issues in an automated and economical manner;
- Capable of being run on an automated, regular basis to provide baseline and ongoing vulnerability management metrics; and,
- Can be used to focus other network assessment activities on areas of greatest need.
Network Vulnerability Assessments are best used:
- As a quick and inexpensive means of assessing the risk associated with a network segment that has not recently gone through a broader Network Security Assessment;
- As part of an ongoing vulnerability/configuration management program, especially in support of demonstrable compliance initiatives for relevant standards/regulations; and,
- As an information gathering mechanism to focus additional assessment activities on areas of greatest need.