Vulnerability Assessments

Vulnerability assessments evaluate a given network with a focus on identifying vulnerabilities, which are then categorized as Critical, High, Medium, Low, or Informational. If code execution is allowed in the Rules of Engagement (ROE), we will also manually verify findings where it is safe to do so, in order to reduce false positives. If a finding cannot be safely verified, the reason is noted in the report (e.g., the vulnerability is a denial of service and such testing was not explicitly approved).

Note that this is different from a Penetration Test in several key aspects:

  • Even with code execution, we stop after confirming the vulnerability. The further impact of that vulnerability, and how vulnerabilities could be chained together, is not tested, so the full risk and impact may not be discovered.
  • Vulnerabilities that depend on business context cannot be found by a vulnerability scanner. For example, a scanner usually does not know that a public page on your website contains information that is sensitive to your business.
  • Tactics and techniques specific to post-exploitation are not tested. For instance, a vulnerability scan cannot identify how susceptible your network is to lateral movement techniques.

Advantages of a Vuln Assessment

  • Affordable
    • Vulnerability assessments can be performed at a fraction of the cost of a typical penetration test.
  • Quick
    • Because they cover only one part of a full penetration test, they can be completed in several days or even hours.
  • Minimal Disruption
    • A vulnerability assessment has far fewer moving parts, including a shorter execution window, which means less disruption to business operations.

Vulnerability assessments are ideal for organizations that want an initial or periodic validation of basic security practices and controls on their external perimeter, their internal network, or both.

Get a quote!