Skip to main content

Vulnerability Assessments

​​close up sun flare view of man typingVulnerability assessments should be an integral part of a mature, proactive security program. Organizational changes – such as the implementation of a new system or update of an existing application – often introduce new vulnerabilities into organization. Periodic vulnerability testing can ensure you always have visibility into the security threats facing your organization. It is also a required component of common compliance mandates.

Value of a Vulnerability Assessment

A vulnerability assessment sets the foundation for a number of your security initiatives. A vulnerability assessment allows you to:

  • Identify soft spots in your security infrastructure
  • Document and prioritize risks
  • Get recommendations for hardening your security posture

Focal Point clients frequently use a vulnerability assessment as the foundation for future penetration testing efforts.  By evaluating the severity of the internal and external threats to your organization, you are able to develop a robust remediation strategy, prioritize future security projects and enhance security controls.

Vulnerability Assessment Methodology

Focal Point vulnerability assessments use both automated and manual techniques to evaluate the overall security of an organization’s systems and provide a valuable baseline for determining appropriate safeguards. In order to produce accurate results and measurable metrics, all of Focal Point's security professionals follow the industry standard Open Source Security Testing Methodology Manual (OSSTMM).

Focal Point's standard process ensures that the latest vulnerability signatures are used at the beginning of every assessment. Threats are present for several diverse platforms such as HPUX, AIX, Windows, various Linux derivatives, Macintosh, Netware, Solaris and multiple network device vendors. Focal Point frequently uncovers vulnerabilities such as:

  • Missing security service packs
  • Buffer and heap overflows
  • Local and remotely exploitable vulnerabilities
  • Conditions leading to denial of service attacks
  • Backdoors and trojans
  • Default accounts 
  • The presence of rootkits or network hacking tools
  • Firmware vulnerabilities for networked devices

Following the vulnerability assessment, our team delivers a detailed report that identifies all vulnerabilities, provides recommendations for improvement and assist in vulnerability remediation.


tweets by @FocalPointDR

Loading Tweets...