Vulnerability assessments should be an integral part of a mature, proactive security program. Organizational changes – such as the implementation of a new system or update of an existing application – often introduce new vulnerabilities into organization. Periodic vulnerability testing can ensure you always have visibility into the security threats facing your organization. It is also a required component of common compliance mandates.
A vulnerability assessment sets the foundation for a number of your security initiatives. A vulnerability assessment allows you to:
Focal Point clients frequently use a vulnerability assessment as the foundation for future penetration testing efforts. By evaluating the severity of the internal and external threats to your organization, you are able to develop a robust remediation strategy, prioritize future security projects and enhance security controls.
Focal Point vulnerability assessments use both automated and manual techniques to evaluate the overall security of an organization’s systems and provide a valuable baseline for determining appropriate safeguards. In order to produce accurate results and measurable metrics, all of Focal Point's security professionals follow the industry standard Open Source Security Testing Methodology Manual (OSSTMM).
Focal Point's standard process ensures that the latest vulnerability signatures are used at the beginning of every assessment. Threats are present for several diverse platforms such as HPUX, AIX, Windows, various Linux derivatives, Macintosh, Netware, Solaris and multiple network device vendors. Focal Point frequently uncovers vulnerabilities such as:
Following the vulnerability assessment, our team delivers a detailed report that identifies all vulnerabilities, provides recommendations for improvement and assist in vulnerability remediation.