Organisations are increasingly finding that due to organic growth, organisation mergers and third party connectivity to core infrastructure that the once tightly controlled infrastructure environment is growing out of control. The rapid deployment of new business critical solutions often bypasses standard due diligence in examining the full impact of new services and functionality. Coupled with the rapid evolution of security exploits and the pervasive nature of connectivity this has led to a situation where few organisations have an absolute picture of the vulnerabilities that exist within their organisations infrastructure.

Our Vulnerability Assessment Service provides a comprehensive audit and analysis of the known vulnerabilities present within your infrastructure. The audit is configurable to provide anything from a broad report on the services available within the infrastructure to an in-depth analysis of the vulnerabilities of a specific host or network segment.

We employ a scoping workshop approach to establish the critical areas of the infrastructure before performing the audit using a variety of tools. The tools are designed to offer a range of services from non-invasive discovery scans to highly complex and invasive attempts to subvert existing security implementations. The tool suite is updated on a regular basis to reflect the latest discovered security vulnerabilities.

Once the scan is complete the tool provides both an “Executive Report” to document the high level overview as well as a more “Detailed Report” listing all of the identified vulnerabilities with recommendations for further investigation. The output of the assessment allows the client to:

• Understand the full range of services currently available within the infrastructure
• Identify the unnecessary services that are enabled within the infrastructure
• Identify the vulnerabilities present within the infrastructure
• Remove unnecessary security vulnerabilities before they are compromised
• Demonstrate compliance with Security Policy