Your business must operate in a constant stream of information: software updates, patches, security advisories, threat bulletins, etc. Understanding and managing vulnerabilities have become a continuous activity, requiring significant time, attention, and resources.
Many cyber attacks take advantage of basic, often unnoticed security vulnerabilities, such as poor patch management procedures, weak passwords, Web-based personal email services, and the lack of end-user education and sound security policies. This makes an effective assessment a critical first step in the effort to protect data.
Regularly scheduled network vulnerability assessments can help an organisation identify weaknesses in their network security before hackers an attack. The goal of conducting an internal or external vulnerability assessments is to identify devices and server on your network that are open to known vulnerabilities without actually compromising your systems.
Network Vulnerability Assessment starts with Asset Discovery which involves doing a network mapping and is essential to provide visibility into your network. Network mapping also helps target the range of IPs for the vulnerability scan. Once I have mapped out your network I can work to granularly define the vulnerability scan to specific network segments and assets of interests.
Using a framework of several open source tools (OpenVAS, NMAP, SQLMap) I perform a comprehensive assessment that can detect security issues in your servers and network devices and provide a security remediation action report.
Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a “map” of the network. ~ Wikipedia
OpenVAS (Open Vulnerability Assessment System, is a framework of several services and tools offering a vulnerability scanning and management solution. ~ Wikipedia
Website Security Assessments
I can scan your Web Site, Virtual Host and Web Server for known security vulnerabilities and misconfigurations. My web server scanning service includes testing a website for thousands of possible security problems, including SSL weaknesses, dangerous files, misconfigured services, vulnerable scripts and other issues.