A vulnerability assessment is a test that can be performed externally from your organization’s network, within your internal network, or both. Vulnerability assessments attempt to identify as many different security vulnerabilities within the testing environment as possible.
When beginning a vulnerability assessment, FortyNorth Security will work with your organization to determine the scope of the test and identify any systems that should not be assessed. We utilize custom developed scripts or a commercial vulnerability scanner to aid in the process of performing an automated and authenticated sweep for vulnerabilities.
As potential vulnerabilities are identified, we will validate whether the finding is confirmed or if it’s a false positive. This process is repeated to identify and validate as many vulnerabilities as possible within your organization.
At the conclusion of your assessment, you will receive an evidence-backed report containing a prioritized list of validated vulnerabilities that should be reviewed and planned for remediation.
A vulnerability assessment is perfect for organizations who are in the preliminary stages of securing their environment. A vulnerability assessment can identify assets within your organization and help reduce your attack surface. The vulnerability assessment is an excellent first step prior to conducting either an external or internal penetration test.