Vulnerability assessments identify security weaknesses in networks, systems, and applications. Vulnerabilities can stem from an unpatched application or operating system, a small misconfiguration in a firewall or router, or unknowingly providing excessive access to a system or a portion of a network.
Attackers are aware of vulnerabilities and are always looking for easy targets that can be exploited. The impact can be tremendously large and damaging.
It can be difficult to defend against an attack if you are unaware of vulnerabilities already present in your system. New vulnerabilities are discovered in applications and operating systems every day, and can be unintentionally created anytime the system is altered. An aggressive patching policy in conjunction with regular vulnerability assessments can drastically reduce the risk that your system, network, or application will fall victim to an attack.
Frequent vulnerability assessments are a requirement for most compliance standards (NIST, FedRAMP, CCRI, HIPAA, PCI, SOC, etc.).
Our Vulnerability Assessments
External Network Vulnerability Assessment
An external network vulnerability assessment can identify how a potential attacker can cause a threat to your system from the outside of your network. Our team can assess the safety of the entirety of your outward presence, including your perimeter devices, servers, applications, and encryption technology. Anything that is accessible from the Internet, we will assess for potential vulnerabilities. Our assessment includes both a documentation of findings and recommendations on how to remediate or mitigate these vulnerabilities effectively and efficiently.
Internal Network Vulnerability Assessment
While strong external security is paramount, savvy attackers have found ways to circumvent the firewall and other border protection devices. They often do so through client-side attacks, such as enticing users to click a link, open an infected document, and/or leading them to the attacker’s malicious website. Organizations must develop strong layers of internal security to prevent these attacks.
Our internal network vulnerability assessment is based on DoD Security Technical Implementation Guides (STIGs) and industry best practices and which takes into account a wide-range of network issues and identifies weaknesses that need correction, including mis-configurations and policy non-compliance vulnerabilities that a patch management system alone cannot address. It provides a comprehensive picture of all systems, services and devices that can breach a network as well as a complete, prioritized list of vulnerabilities that need to be addressed. Remediation is the follow-up stage after vulnerabilities have been accurately identified. The two work hand-in-hand and form a complimentary process.
With an internal network vulnerability assessment, our security analyst will assess your entire network infrastructure for vulnerabilities. Typically, this assessment will include examining everything, from servers, desktops, and group policy, to the configuration of networking devices and firewalls. Just like our external assessments, our internal assessment includes both a documentation of findings and recommendations on how to remediate and mitigate these vulnerabilities effectively and efficiently.
Our Wireless Security Services
With the mass adoption of wireless technology, it is rare for an organization to operate completely on the wire.
Wireless networks can be an easy attack vector for an adversary to gain entry into a corporate network. Wireless signals can sometimes be picked up a considerable distance from where they are broadcasted with simple, off-the-shelf hardware. If networks are not correctly configured, any information sent over a wireless network can be accessed to anyone within range. Strong wireless security is therefore essential.
Our wireless assessment will provide a comprehensive review of not only all your wireless access points and related wireless networking device configurations but also how the your physical networking environment is protected from your wireless network. This is essential when examining a wireless implementation to ensure that an attacker will be limited when attempting to access the rest of the corporate network, should your wireless network be compromised.
Our team will identify any weaknesses in the configuration or design of your wireless implementation and review against DoD and industry best practices. We will document any findings and provide you detailed recommendations on how to remediate or mitigate those weaknesses as efficiently and effectively as possible, thus greatly reducing the risk to your organization’s environment and sensitive data.
Wireless Penetration Test
A Wireless Penetration Test is the ultimate test to validate your wireless security implementation. Not all vulnerabilities can be fully vetted by a configuration or design review. Sometimes it may be necessary to take the next step and attempt to attack the wireless implementation.
With a Wireless Penetration Test, our security engineers will not only perform a complete Wireless Assessment but will also validate your wireless security by attempting to gain unauthorized access to the wireless network using techniques such as spoofing, encryption cracking, and man in the-middle & Rouge AP attacks. Our engineers will also fully test for any weaknesses that may allow an attacker to access other areas of your corporate network. A Wireless Attack & Penetration Test will identify vulnerabilities and if necessary, our engineers will offer advice for hardening and remediation.