 |
 |
Internal Vulnerability AssessmentEmployee negligence and even malicious insider actions represent a growing attack vector for networks and databases. Insider actions can be a source of vulnerability for a variety of reasons—from inadequate or infrequent employee training, to staff downsizing and budget cuts. SECNAP Internal Vulnerability Assessment services are a vital step in securing your assets by helping you to identify and resolve internal vulnerabilities before they can be exploited. Assessment Methodology A Vulnerability Assessment Unit (VAU) is deployed onsite to perform the network scans that are central to this assessment, and remains active onsite throughout the assessment. SECNAP audit staff install the VAU after receipt of a completed pre-installation questionnaire and a conference call with the IT and Security team. This ensures that a properly sized VAU is utilized for the engagement and identifies IP address ranges to be tested and excluded. Since the VAU is not placed in-line with the Client Internet connection, there is generally no impact on the network during installation. The VAU enables SECNAP to securely assess all internal hosts and services. Leveraging SECNAP’s advanced internal vulnerability assessment technology, the VAU facilitates the assessment through a combination of functionality that includes: • Systems discovery feature that identifies new hosts on the network • Repeatable vulnerability assessment methodology utilizing a vulnerability database that is updated routinely • Regular vulnerability assessment reports generated automatically in HTML format • Logical device grouping feature that assembles scan results according to IP address groups predefined by the Client • Verifiable security posture feature that identifies Client assets, the criticalities of those assets, and assets that could be vulnerable, all in a repeatable process. Assessment Process The automated scanning conducted by the VAU incorporates a series of tests that address more than 30,000 known vulnerabilities and weaknesses.These tests are generally scheduled during pre-agreed times, and throttled in such a way as to minimize any impact to the Client network. The Internal Vulnerability Assessment also includes review of the following elements: Network architecture (block diagram level) o Placement of firewall Firewall rule analysis IT security policy Systems vulnerabilities detected by the scanning software Password strength Knowing Where You Stand SECNAP Internal Vulnerability Assessment services ensure that your network is evaluated professionally and thoroughly. On completion of work, a comprehensive report is compiled to document internal vulnerabilities detected, and their potential for abuse. Specific remedial actions are recommended and prioritized so that your team can promptly address the most significant vulnerabilities. SECNAP also offers External Penetration Testing, which we recommend deploying in tandem with Internal Vulnerability Assessments. Together, these services provide a useful view of both internal and external vulnerabilities. Click here to request more information or a free consultation.
|
Recent News
- Victor Nappe Interviewed by InfoSec Resources
- CloudJacket Security and Email Encryption Services Now Available Through Data Center Hosting Provider ColoHouse
- CloudJacket Security Helps Make Annual SLPowers Event a Success for Needy Kids
- Robust CloudJacket Dashboard Previewed to Health Information Technology Group
- SECNAP Joins South Florida Hospital and Healthcare Association
- SECNAP Strategic Partner SLPowers Ranked Among Top 50 Small Businesses
What Clients Say
"SpammerTrap is an awesome solution. It is the easiest piece of equipment I have EVER installed and results were immediate. It effectively protects our e-commerce business." Steve Picardi, Network Services Manager, DollarDays / Case Study |
| Read more... |