Vulnerability Management

A key part of an organization’s Cybersecurity program is its ability to detect vulnerabilities located on IT assets. Many organizations will typically run a network scanner designed to detect vulnerabilities on network assets. This type of a scan will typically detect operating system and network equipment vulnerabilities. In today’s complex internet connected environment, many organizations make data accessible through various means, such as web portals. This requires web application scanning as well as scanning of the underlying databases. In addition, it is important to scan assets to ensure compliance with national standards and organizational baselines. Most companies will run vulnerability and compliance scans, provides the stakeholder with the results and leave the responsibility to the stakeholder to interpret the scans to determine the next steps. Our value lies in the interpretation of the scans. We provide an explanation of the results, assist in identifying false positives, identify the true risk to your systems using our risk assessment methodology and provide a recommended course of action. We can also provide vulnerability tracking throughout the entire vulnerability life cycle so that you don't lose track of the vulnerabilities within your environment. Our scanning services include:

  • Operating System and Network Scanning
  • Database Scanning
  • Web Application Scanning
  • Static Code Scanning
  • Compliance Scanning
  • Scan Results Interpretation
  • Vulnerability Tracking