Scanning internal and external devices for technical vulnerabilities is a key part of any information security program…a process that should be performed on a regular and periodic basis. Too often, companies relinquish themselves to annual testing and large time gaps between tests, which create uncertainty about the risk levels of host servers and other critical network infrastructure components.
Vulnerability scanning offers broad insight into your environment by helping you analyze prevention, detection and correction controls in a single exercise. VioPoint utilizes QualysGuard® to perform these scans and identify how the weaknesses could negatively impact your overall security posture. We apply subject matter expertise to interpret the scan results and help you understand the business relevance of any real or theoretical impact.
For each project, we employ a multi-step process that includes reconnaissance, scanning, identifying false positives and interpreting the results. At the onset, VioPoint consultants work with you to validate security testing goals and ensure that the findings align with them. Because requirements can vary by organization, our consultants work to understand both the strategic and tactical objectives of your project. This approach ensures that areas tested as well as the methodology employed, will produce results that align with the overall testing goals.
Network vulnerability assessments are an integral part of continuous monitoring and provide ongoing feedback for your program by accomplishing the following:
- Validate patching activities
- Enumerate real and exploitable risks
- Configuration baseline and standards testing
- Identify rogue or unauthorized assets
- Validate change control
- Provide meaningful metrics
From a strategic standpoint, vulnerability scanning should be integrated into an overall vulnerability management program and bundled with periodic penetration testing exercises to provide a realistic view of the impact that technical vulnerabilities can have on your environment. Engaging in ongoing vulnerability scans provides insight, intelligence, and metrics that help you achieve incremental improvement over time. Creating a benchmark and measuring these areas of the program on a repeating basis, reduces risk and increases the overall security posture for the organization.
Related Security Offerings
These related service offerings may also be of interest to you: