Network Vulnerability Assessment

Share this page:

Network Vulnerability Assessment Information

Network Vulnerability Assessments are integral to a systematic and proactive approach to network security that reduces the risk associated with attacks aimed at system and network vulnerabilities and demonstrates compliance with relevant standards, laws & regulations.

Key activities include:

Leveraging an open-source or commercial network vulnerability assessment tool to discover known system and network vulnerabilities; and,
Analysis of identified vulnerabilities to minimize false positives, and structure the data in a manner that is most conducive to it being understandable and actionable; and,
Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include: root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.

The predominant benefits realized by a Network Vulnerability Assessment are:

Quickly identify configuration errors, and patch management issues in an automated and economical manner;
Capable of being run on an automated, regular basis to provide baseline and ongoing vulnerability management metrics; and,
Can be used to focus other network assessment activities on areas of greatest need.

Network Vulnerability Assessments are best used:

As a quick and inexpensive means of assessing the risk associated with a network segment that has not recently gone through a broader Network Security Assessment;
As part of an ongoing vulnerability/configuration management program, especially in support of demonstrable compliance initiatives for relevant standards/regulations; and,
As an information gathering mechanism to focus additional assessment activities on areas of greatest need.

Vulnerability Assessment Options

Dependent upon client objectives and request for attestation we may employ various Network Penetration Testing techniques aligned with said objectives.

The Investigative Attacker doesn’t have a lot of time, and doesn’t have a lot of tools, and may not even be targeting you specifically. He may stumble upon your external IP during a sweep and will pay you little mind unless you have an obvious security problem. Attackers that get in through a blank or default password on an administrative account are Investigative Attackers.

The Intentioned Attacker has more time, and a few more tools than the Investigative attacker. More importantly, she has intent. She wants to find a weakness in your network specifically. Attackers that get in by exploiting an unpatched vulnerability in an operating system or network service are Intentioned Attackers.

The Tenacious Attacker has time, tools, intent, and determination. He is willing to go the extra mile to make it past your defenses. He may even attempt social engineering to find a way beyond your perimeter defenses. He will do it quietly, though, and take care to go unnoticed. Attackers who convince your help desk to reset an account password for them are Tenacious Attackers.

Network Vulnerability Assessment Downloadable Resources

Network Vulnerability Assessment Articles

Learn How We Can Help You

ISO 27001 Roadmap

ISO 27001 is manageable and not out of reach for anyone! It’s a process made up of things you already know – and things you may already be doing.

Database Security Roadmap

Database Security is one step in a comprehensive approach to building a robust Information Security Management System.

Penetration Testing

Penetration Tests are often used in a manner that is inconsistent with achieving the assurance that the organization seeks.

SIEM Whitepaper

Best Practices for SIEM learned from working closely with numerous vendors and customers on a wide variety of SIEM projects.