Unsure if your IT systems could handle an attack? Vulnerability testing allows you to find the weaknesses and address them before you are attacked for real.
Vulnerability testing is usually carried out on an agreed specific system or target. This differs to a full IT risk assessment, which covers a much larger scope of systems. This can by anything from your externally hosted website, to systems you host internally and maintain yourselves. The aim being to find any vulnerabilities and allow your company to resolve them prior to a real attack occurring
The scope of work involved will depend on the type of system being targeted but could include;
- Scanning for operating system vulnerabilities
- Scanning for website vulnerabilities
- Reviewing if internal LAN systems are patched up-to-date
- Reviewing if externally facing systems are patched up-to-date
- Reviewing if security systems are up-to-date
- Listing, reporting and prioritizing vulnerabilities found
- Recommendation for action
- Presentation of findings to management
A complete vulnerability scan of all systems may also be carried out at the end of implementation of new security systems as part of a Cyber defence strategy.