Vulnerability Scans

Why have an External Vulnerability Assessment?

It’s the most cost-effective way to understand your risk of outside attacks.

External vulnerability scans help you quickly verify that your network is configured in ways you expect—and keep unwanted people out. This scan will help you

  • detect security holes (vulnerabilities) in your network firewall
  • understand which systems/devices on your internal network are accessible from the Internet
  • determine what may require immediate action

Vulnerability scans are particularly important to conduct whenever changes to your network (or the people who manage it) have occurred.

It’s required.

If your business requires HIPAA or PCI compliance, chances are you will be asked to verify your network has been scanned for external vulnerabilities on a quarterly basis. Likewise, some business partners require vendors to provide evidence their IT infrastructure is routinely scanned to minimize risk.

It can save you money.

In addition to proactively addressing security issues, having excellent security controls may help you get a better rate from your insurance company. Routine scans help promote a stable, and just as important, secure environment.

What are the Deliverables?

Following the scan conducted by our in-house security expert, we will provide:

  •  a written summary of the scan outlining issues that need to be addressed, such as firewall settings to confirm with your IT staff along with possible next steps to take to eliminate the vulnerability
  • a comprehensive report of every port and device found during the scan, noting high, medium, and low priority issues

Depending on what is discovered, we may recommend additional steps, such as an internal vulnerability assessment, penetration testing, a password security audit, or a comprehensive security controls audit to help strengthen your infrastructure.

Internal Vulnerability Assessment

During an internal vulnerability assessment, we look at what your information systems infrastructure looks like from the inside. Are the areas meant to be private accessible to unauthorized users? How could someone with inside access disrupt your system, and what measures can be taken to prevent bad actors from damaging your network?

The deliverables are the same as above — a written summary of our findings and any next steps necessary to address any vulnerabilities we find. Call for additional details.