Vulnerability Assessment

Your security is only as good as your weakest link.

What is a vulnerability assessment?


A vulnerability assessment is the process through which we identify the weak points that could be exploited on your network, along with how important the associate threat really is. Silent Breach conducts a thorough analysis to determine the attack surface that is intentionally or unintentionally exposed, and correlates it with a risk value to determine your security posture.

Vulnerability assessments differ from penetration testing in that no actual network penetration is performed. The goal is rather to draw a full map of your current network security, and see where it can be improved. Vulnerability assessments tend to be more exhaustive than penetration testing because they take a holistic approach to analyze your overall security configuration, rather than focusing on attack vectors.

image

Why perform a vulnerability assessment?


Having anti-virus protection and being up to date with all the latest system patches is usually only the first step towards a truly secure network. Security is often overlooked at the human level. For example, network equipment may be deployed with default passwords, with unnecessary services running on the main server while default user accounts remain open.

Connected devices can also be an attack vector; printers, routers, and switches are all potential back doors for hackers. Vulnerability assessments help you sanitize your network environment and reduce the attack surface to the bare minimum required to successfully grow your business.

Pro-active approach to security


Fully understanding and quantifying your security posture is invaluable information.

Too many organizations wait until they are actually compromised before implementing serious security measures. But how can you concretely protect your business if you don't understand the extent to which you are exposed? Silent Breach offers a comprehensive approach to security and a full understanding of your exposure, along with a quantified and concrete list of risks, sorted by priority. This enables your IT team to take the right measures in the most relevant order to protect your digital assets.

For periodic vulnerability assessments and a more comprehensive all-around protection, consider our Managed Defense Program.

image

Assessment Types


Infrastructure


Infrastructure attacks are very frequent as network gear is common to many corporations and sometimes carry known risks, default credentials and design faults. By exploiting outdated firmware on these devices, it is possible to penetrate your network where you least expect it (such as through your printer).

Physical


Protecting against physical access to your infrastructure is crucial to your security strategy. Any network security measures can be overridden by a physical intervention on your systems. Though less likely than remote network penetration, it can still be a valid angle for a local attacker, a former employee, or an opportunistic attacker.

Application


Almost 80% of all attacks target web applications. Because timelines are short, and programming languages are complex, coders sometimes take short-cuts and fail to check for bad user inputs. For these, and so many other reasons, web application penetration has become the number one cause of security breaches.

Social


Social hacking is a classic yet highly effective method to gain easy access to secured networks. Why spend weeks hacking through your target's network security when you can trick someone into simply handing over their password?
Implementing security policies is a team based effort, meaning that the entire company should be security conscious.



Contact Us