Vulnerability Assessment

Specifically for the area of Security Management, the objective of the Security Vulnerability Assessment is to assess the system and network security vulnerabilities of the customer’s existing system and network (probing phase) – that is, to identify holes where hackers and intruders can gain access to the customer’s internal network, for the purpose of altering assets, tampering with customer accounts or otherwise using IT resources for the purpose of financial gain, political statement or simply curiosity.

At the conclusion of this exercise, the customer shall receive a set of prioritised recommendations for reducing those vulnerabilities.

The following methodology is applied for this assessment services:

Scope
Purpose
Vulnerability assessment
  • Conduct vulnerability assessment at customer’s site.
  • Analyse the vulnerabilities of devices.
  • Observe the physical security within the network infrastructure.
  • Assess operational aspects of security within the network environment.
  • Utilize software and/or hardware-based tools to facilitate the assessment of security vulnerabilities.
Interview key personnel
  • The customer’s staff, responsible for security policies and operations, will be interviewed to determine additional areas of concern and to suggest possible courses of action.
Reporting
  • Document key findings and prioritized recommendations, an analysis of vulnerabilities and other areas of concern, and actions for remedies where appropriate.
Management presentation
  • Present findings to the customer’s management.