Network Vulnerability Assessment
Network Vulnerability Assessment Services
Network Vulnerability Assessments reduce the risks associated with system and network attacks by proactively identifying vulnerabilities and demonstrating compliance with relevant standards, laws and regulations (HIPAA, PCI DSS, NERC, etc.). This process classifies your systems' weaknesses without actually compromising them.
When Pivot Point Security performs a Network Vulnerability Assessment, one of our security engineers will discover system and network vulnerabilities. Our tests are designed to minimize both false negatives (so that no security vulnerability goes undetected) and false positives (so that no vulnerability is reported as present when it is not).
Key steps in a Network Vulnerability Assessment include:
- Leveraging an open-source or commercial network vulnerability assessment tool to discover known system and network vulnerabilities
- Analyzing identified vulnerabilities to minimize false positives, and structuring the data so that it is as understandable and actionable as possible
- Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include: root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.
The benefits of a Network Vulnerability Assessment are:
- Identifies configuration errors and patch management issues in an automated and economical manner
- Can be run on an automated, regular basis to provide baseline and ongoing vulnerability management metrics
- Can be used to focus other network assessment activities on areas of greatest need
Network Vulnerability Assessments are best used:
- As a quick and inexpensive means of assessing the risk associated with a network segment that has not recently gone through a broader Network Security Assessment
- As part of an ongoing vulnerability/configuration management program, especially in support of demonstrable compliance initiatives for relevant standards/regulations
- As an information gathering mechanism to focus additional assessment activities on areas of greatest need
Vulnerability Assessment Options
Depending upon client objectives and requests for attestation, we may employ any of various Network Penetration Testing techniques. To ensure complete security, we target the different types of attackers who may attempt to hack your network.
The Investigative Attacker doesn’t have a lot of time, doesn’t have a lot of tools, and may not even be targeting you specifically. He may stumble upon your external IP during a sweep and will pay you little mind unless you have an obvious security problem. Attackers that get in through a blank or default password on an administrative account are Investigative Attackers.
The Intentioned Attacker has more time and a few more tools than the Investigative Attacker. More importantly, she has intent. She wants to find a weakness in your network specifically. Attackers that get in by exploiting an unpatched vulnerability in an operating system or network service are Intentioned Attackers.
The Tenacious Attacker has time, tools, intent, and determination. He is willing to go the extra mile to make it past your defenses. He may even attempt social engineering to find a way beyond your perimeter defenses. He will do it quietly, though, and take care to go unnoticed. Attackers who convince your help desk to reset an account password for them are Tenacious Attackers.