Internal Vulnerability Assessment
Employee negligence and even malicious insider actions represent a growing attack vector for networks and databases. Insider actions can be a source of vulnerability for a variety of reasons—from inadequate or infrequent employee training, to staff downsizing and budget cuts. SECNAP Internal Vulnerability Assessment services are a vital step in securing your assets by helping you to identify and resolve internal vulnerabilities before they can be exploited.
A Vulnerability Assessment Unit (VAU) is deployed onsite to perform the network scans that are central to this assessment, and remains active onsite throughout the assessment. SECNAP audit staff install the VAU after receipt of a completed pre-installation questionnaire and a conference call with the IT and Security team. This ensures that a properly sized VAU is utilized for the engagement and identifies IP address ranges to be tested and excluded. Since the VAU is not placed in-line with the Client Internet connection, there is generally no impact on the network during installation.
The VAU enables SECNAP to securely assess all internal hosts and services. Leveraging SECNAP’s advanced internal vulnerability assessment technology, the VAU facilitates the assessment through a combination of functionality that includes:
• Systems discovery feature that identifies new hosts on the network
• Repeatable vulnerability assessment methodology utilizing a vulnerability database that is updated routinely
• Regular vulnerability assessment reports generated automatically in HTML format
• Logical device grouping feature that assembles scan results according to IP address groups predefined by the Client
• Verifiable security posture feature that identifies Client assets, the criticalities of those assets, and assets that could be vulnerable, all in a repeatable process.
The automated scanning conducted by the VAU incorporates a series of tests that address more than 30,000 known vulnerabilities and weaknesses. These tests are generally scheduled during pre-agreed times, and throttled in such a way as to minimize any impact to the Client network.
The Internal Vulnerability Assessment also includes review of the following elements:
Network architecture (block diagram level)
o Placement of firewall
o Presence of DMZ
o Other isolation of critical servers
o IDS/IPS probe points
o Placement of anti-spam device
Firewall rule analysis
o Inbound rules
o Outbound rules
IT security policy
Systems vulnerabilities detected by the scanning software
o Open file shares
o Updates needed
o Unnecessary services
o Policy review
o Attempts to crack passwords (if Client grants access to password hashes)
Knowing Where You Stand
SECNAP Internal Vulnerability Assessment services ensure that your network is evaluated professionally and thoroughly. On completion of work, a comprehensive report is compiled to document internal vulnerabilities detected, and their potential for abuse. Specific remedial actions are recommended and prioritized so that your team can promptly address the most significant vulnerabilities.
SECNAP also offers External Penetration Testing, which we recommend deploying in tandem with Internal Vulnerability Assessments. Together, these services provide a useful view of both internal and external vulnerabilities.