B&B - VULNERABILITY ASSESSMENTS

Client Portal

WHAT IS A VULNERABILITY ASSESSMENT?

A Vulnerability Assessment refers to the process of identifying weaknesses in an information system. An assessment identifies risks and vulnerabilities in computer networks, applications and hardware whilst providing a level of severity to those vulnerabilities. Security experts collect the information needed to analyse and prioritise risks for potential remediation.

TYPES OF ASSESSMENT

There are 4 main types of vulnerability assessments. These include:

Host Assessment

Assessing critical servers which are vulnerable to attacks.

Network and Wireless Assessment

Assessing policies and practices on private or public networks to prevent unauthorised access.

Database Assessment

The process of identifying sensitive data across an organisation’s infrastructure. Assessing databases or big data systems for misconfigurations.

Application Scans

Finding Security vulnerabilities in web applications using automated scans on the source code.

HOW WE CAN HELP

Vulnerability Assessment Process Image

IDENTIFY

Scans to identify vulnerabilities in IT systems and networks. Our security experts will test the health of applications, systems and servers using automated tools or manual testing.

ANALYSE

Distinguishing the cause of the vulnerability by identifying the system components responsible for each one. By finding the source and cause of the vulnerability, this step then provides our security experts with a clear path for remediation.

PRIORITISE

This step involves assigning severity levels to each vulnerability found through scans and tests. Our security experts will prioritise vulnerabilities for remediation based on risk. For example, which data is at risk, which systems have been impacted, potential damage & the ease or severity of a potential attack.

REMEDIATE

The process of mitigating each vulnerability. Our security experts and operational staff will perform updates and introduce new security tools and procedures. Where necessary, the development of a vulnerability patch could be required. Having regular vulnerability assessments and scans is an effective way to keep on top of remediation actions.

Vulnerability Assessment Tools

Vulnerability Assessment tools automatically scan for existing and new threats that can target your organisation. The different types of tools include:

1. Protocol Scanning – Scans for vulnerable protocols, network services and ports.

2. Web Application Scanning – Testing known attack patterns.

3. Network Scanning – Discovering stray IP addresses and suspicious packet generation from a single IP address.

Regular and automated scans of IT systems will feed into the organisations ongoing vulnerability assessment process.

Benefits of a vulnerability assessment

  • Identify IT security threats and weaknesses early and consistently.
  • Security teams can perform remediation actions to protect sensitive information.
  • Meeting Cyber Security compliance and regulations for areas such as PCI DSS; FCA and PRA.
  • Preventing unauthorised access into IT systems and networks; preventing data breaches from:

    – SQL & XSS injection attacks

    – Faulty authentication mechanisms and escalation of privileges

    – Insecure defaults – such as software with guessable admin passwords

Our Services

Contact Us
Today

Drop Us a line

Contact Us

  • This field is for validation purposes and should be left unchanged.