Vulnerability & Cyber Security Assessments

Vulnerability Assessment

InfoSight's Vulnerability & Cyber Security Assessments provide a complete evaluation of existing and potential vulnerabilities within your organization with the end result of improving your security posture. The evaluations are designed to proactively identify and prevent the exploitation of any existing IT vulnerabilities.

Our main objective is to identify cyber security weaknesses and test how far a potential exploit can compromise your network. We also test your organization's security policy compliance, the effectiveness of your employee security awareness training program, as well as your ability to identify and respond to cyber security incidents.

Benefits of a Vulnerability Assessment & Cyber Security Assessment

  • Identify and safely exploit vulnerabilities on network devices, operating systems, desktop applications, Web applications, databases, and more.
  • Detect and repair potential weaknesses in your network before they can be exploited by cyber criminals.
  • Understand and enhance the current state of your cyber security posture and level of risk.
  • Test your policy agreement and your organization's ability to identify and respond to security threats.
  • Determine the adequacy of employee security awareness as a baseline for skill acquisition and reinforcement of human defenses.
  • Demonstrate compliance with current government and industry regulations such as PCI-DSS, FFIEC, GLBA, and HIPAA/HITECH.
  • Manage resources more efficiently by focusing attention and resources where needed.

Assessments can be performed under the premise of a "Zero Knowledge Attack" using publicly available information or under a "Full Knowledge Attack" scenario.

The goal is to limit exposure and attack surfaces to make compromising and exploitation of network vulnerabilities more difficult.

The Final Report will include a grading format ranging from "severe to low" with recommendations for remediation. Reports are provided for both executive management and the technical teams, and InfoSight will conduct an exit interview to review and explain all necessary remediation tasks in detail.

InfoSight's Vulnerability Assessments can include the following components:

  • External Vulnerability Assessment – Identifies vulnerabilities from the outside-in.
  • Internal Vulnerability Assessment – Identifies vulnerabilities on the inside the network.
  • Social Engineering – Identifies vulnerabilities within human resources and training gaps.
  • Wireless Assessments – Identifies vulnerabilities within wireless networks.
  • Physical Security Assessments – Identifies vulnerabilities in physical security.
  • Application & Database Assessment – Identifies software vulnerabilities.
  • Comprehensive Vulnerability Assessment – combines all of the components together.
Our methodology is described in the accompanying illustration and includes structured review processes based on recognized "best-in-class" practices. Contact us to learn more about how we can help you identify vulnerabilities in your network infrastructure.