MISSpirit 

Vulnerability Assessment

Basics of a Vulnerability Assessment

An internal vulnerability assessment examines a network from the point of view of internal network access; either by ‘over-curious’ employees or an attacker who has physically or logically breached the perimeter defences.

How Does it Work?

Skilled MIS CDS security consultants are provided only with a network point and from there will enumerate, assess, and covertly attack hosts with a view to breaking into the key servers. Denial of Service, or performance affecting attacks are not used, but consultants can frequently gain full domain administrative access via a series of privilege elevations across vulnerable hosts. The ensuing deliverable is a comprehensive report highlighting issues found within the network using this inside-out approach.

The Results

The report provides an overview of the level of security in addition to detailed analysis of each of the issues. The analysis provided includes full recommendations for addressing any vulnerabilities along with an assessment of severity and ease of correction.

Quick Hit Vulnerability Assessment

Investing in a third party vulnerability assessment reduces the risk of an external entity compromising a running service. The Quick Hit methodology reduces capital outlay but provides a good indication of Internet Security. Combining the quick hit service with an internal procedure review reduces the possibility of compromise exponentially.

The Quick Hit Vulnerability Assessment consists of the following;

• Initial Port scans and service analysis
• Risk analysis and basic vulnerability tests
• Basic configuration testing
• Basic cgi analysis