Why choose our Vulnerability Assessment service?

Regular vulnerability assessments conducted throughout the year will enable you to stay
on top of the latest security exploits and vulnerabilities and meet your compliance obligations.
It is an ideal baseline suitable for all your systems and networks.

Our exceptional and highly configurable html reports provide extensive information about the
vulnerabilities in your system population and allow you to track your remediation metrics and
vulnerability trends on a month-by-month basis. Key security issues and management data
are highlighted enabling you to easily identify areas that will bring improvements in your
security posture.

Fed up trying to “discuss”
your security issues with
a web portal?

Our team of qualified testers will be
there to support you before, during and
after your assessment.

Over 10,000,000
assessments performed

Network Discovery Assessment

This service is run on a regular basis over all of your IP network address ranges.
It attempts to contact each IP address on a range of TCP, UDP and ICMP services.
Its purpose is to map responding IP addresses so that you can confirm if the
map matches its documented records and expectations. The service
is an effective way of identifying errors in access control lists and monitoring
for the appearance of new devices in your address space.

Enterprise Blended Vulnerability Assessment

This is an automated and manual (blended) vulnerability assessment of a target system
and is typically run each month or quarter. Targets are defined by their IP address
and Fully Qualified Domain Name. This test includes manual verification of target ownership;
full 64k TCP port scanning; UDP and ICMP service scanning; automated vulnerability
testing; further manual vulnerability testing; a quality assurance phase, where findings
are verified by a second security tester; and full technical support.

As a trained security tester carries out your vulnerability assessment they can think on
their feet. They are not limited to identifying a small fixed number of SQL injection or
Cross Site Scripting examples – they can work new ones out! They can recognise
“sensitive” information, like an image of a passport or birth certificate; or a video feed
from a security camera; or PII data; or a confidential document; or even unauthorised
levels of privileged access. They can infer if that information is unintentionally leaking,
or if its presence is legitimate. To be on the safe side, they will call you if they are unsure.
They will call you if they believe you have a serious security issue or suspect you have
been compromised.

65%

of web sites examined by the OWASP
statistics project leak sensitive information

Source - http://projects.webappsec.org

Does you current automated-only scanning solution do that?
No? Didn't think so.

Step up to a serious vulnerability assessment solution

If you think our services can be of benefit to your organisation, then don’t hesitate to get in contact us. Even if you are unsure as to exactly which services you need, regardless of your size - big or small, we can help.

Designed & Built by e3creative