Vulnerability Assessment Service

IT security continues to be a primary focus for well-established companies, especially as it relates to Internet-connected services and assets. Similar to viruses, techniques are constantly being developed to take advantage of vulnerabilities either at the host layer or within the application it serves. But unlike how anti-virus software protects endpoints, web applications and hosts do not proactively scan and protect against malicious activity in real-time. Instead, its most often up to the administrator to harden those assets at deployment time and then apply patches and configuration updates on a regular basis to protect against newly discovered exploits. Even then there is no way to ensure that these systems are protected against the most current threats without scanning them for vulnerabilities.

Vulnerability Scanning for Risk Mitigation & Compliance

InterVision’s Vulnerability Assessment service safely examines your systems and web applications to identify weaknesses against all currently known exploits. These systems may exist in your datacenter (on premise), in a co-location facility, or within a public cloud provider and all should be periodically assessed. The Vulnerability Assessment service leverages best of breed vulnerability scanning technology that is constantly updated to ensure that even the latest well-known exploits are included in the system examination process. The service offers our customers the flexibility to search for and identify vulnerabilities that may exist in both your Internet-accessible as well as internally-facing hosts and web applications.

What are the Benefits of a Vulnerability Assessment?

  • Identify what vulnerabilities exist in your externally-facing or internal systems to understand risk in the environment
  • Specific results and prescriptive recommendations enables remediation of vulnerabilities and minimizes the attack surface
  • Ensure that security compliance requirements are met and reduce risk by identifying and closing security gaps

Inside the Vulnerability Assessment Service

This assessment service is intended to identify vulnerabilities in your IT environment with details and prescriptive recommendations to mediate and reduce risk. By default, the Vulnerability Assessment Service engagement involves the following activities:

  • Discovery
    • Identify environments to be scanned
    • Perform discovery scan(s)
    • Determine & document scope of systems to test (IP selection)
    • Determine & document scope of web apps to test (URL selection)
  • Preparation
    • Provide scanning tool (internal scans)
    • Validate scanning tool communication (internal scan)
    • Configure scanning scope
    • Assist in coordination / communication with 3rd Party providers
    • Schedule scan(s)
  • Execution
    • Perform scan(s)
    • Capture scan results
  • Analysis
    • Parse & organize results data by threat type
    • Analyze results to create key findings
    • Validate and reproduce significant findings
    • Develop prioritized recommendations
    • Produce scan assessment report
  • Delivery
    • Review findings with Customer
    • Update report per Customer feedback (if applicable)

Download Vulnerability Assessment Services Overview