Arrow.png

Vulnerability Assessment

How often have you gotten a new techy toy (new laptop anybody?) & 

immediately reached for the set up?

 

Now think about doing that with a burglar alarm, or new security system. Scary right? So why is your new tech any different?

Our ethical hackers can test the systems you've set up to see whether your company has been left wide open to a cyber-attack.

Isn't it better for this to be tested by someone you trust, rather than a criminal?

Please contact us for more information.

                                                                                      Jump to:

Internal Vulnerability Assessment

 

This involves a scan & review of your systems to search for such weaknesses as:

  • Poorly maintained or designed systems

  • Insecure Wi-Fi networks

  • Insecure access controls

  • Opportunities to access & steal sensitive data

This assessment requires access to your internal network & systems.

It simulates the approach a criminal would take to infiltrate your system, whether through the internet or from an insider threat (e.g. an employee).

The service report that results from this will include:

Plain language - making it easy to understand

Definitions of your weaknesses & associated risks

Plans and guidance on how to fix those risks

What are the risks with this?

Unfortunately poorly maintained or designed systems can suffer outages during this procedure 

How do we minimise this risk?

We ensure that all internal vulnerability assessments are supported with back-out and recovery plans

Do we have any other recommendations?

The IASME Trusted Partner network can provide additional support (e.g. full penetration testing)

Our own Trusted Partners are subject to due diligence by the appropriate, NCSC approved, accreditation body

They are also certifying bodies for the Cyber Essentials and Cyber Essentials Plus schemes, & so can help you achieve these too

Chain.jpg

Identifies weaknesses but DOES NOT exploit them as a criminal would

Remote Vulnerability Assessment

 
Camera Surveillance.png

This remotely reviews your connection to the internet & searches for potential weaknesses

It uses the same methods as a criminal would to perform renaissance on you

​Provides a service report that includes:

  • A plain language, easy to follow, interpretation of the results

  • How any vulnerabilities could be used by an attacker

  • Simple instructions on how any vulnerabilities may be fixed

This assessment is not the same as penetration testing

Instead, it focuses on identifying what weaknesses there are that may compromise your systems

Uses same tools & methods as criminal hackers

Maps your organisations internet connections

Uses professional intelligence to understand latest threats

Do we have any other recommendations?

The IASME Trusted Partner network can provide additional support (e.g. full penetration testing)

Our own Trusted Partners are subject to due diligence by the appropriate, NCSC approved, accreditation body

They are also certifying bodies for the Cyber Essentials and Cyber Essentials Plus schemes, & so can help you achieve these too

What are the risks with this?

Although interaction with your system is kept to a minimum, unfortunately poorly maintained or designed systems can suffer outages during this procedure

How do we minimise this risk?

We ensure that all internal vulnerability assessments are supported with back-out and recovery plans