vulnerability_scan_436x270

Uncovering Network Vulnerabilities

Vulnerability scanning use sophisticated software application that aggressively seeks out security flaws on a network.  It is based on a database of known flaws.  Testing is performed across a network on all attached systems for the presence of these known vulnerabilities and generates a report of the findings that can be used to tighten the network’s security.  Vulnerability scanning is accomplished from inside the network with the permission and cooperation of business management.  While using this methodology does an excellent job of finding known vulnerabilities, the one weakness of this approach is that it will not find newly created or “zero-day” threats.  To find these threats requires a penetration test performed by a skilled cybersecurity practitioner.

External Vulnerability Assessment

Changed pricing from $1500 to $990

An external vulnerability assessment examines vulnerabilities for external, Internet facing systems to discover the presence of known vulnerabilities as listed on the Common Vulnerabilities and Exposures (CVE) list.  (https://cve.mitre.org/cve/index.html)   CIT will perform an external vulnerability assessment using the professional scanning tool Nessus.  CIT will scan a list or range of public IP addresses provided by the customer.  CIT will review the results, and produce a report with an analysis of the results and a list of remediation tasks.  Once the vulnerabilities have been remediated, CIT will perform a second scan to confirm that the vulnerabilities have been successfully addressed.

Internal Vulnerability Assessment

Standard

A standard internal vulnerability assessment identifies and examines network vulnerabilities for systems on the internal network or LAN, for the presence of known vulnerabilities as listed on the Common Vulnerabilities and Exposures (CVE) list.  (https://cve.mitre.org/cve/index.html)   CIT will perform an internal vulnerability assessment using the professional scanning tool Nessus.  CIT will scan a list or range of private IP addresses provided by the customer.  Under the Standard Assessment, CIT will provide the report output of the Nessus scan only.

Premium

A premium internal vulnerability assessment identifies and examines network vulnerabilities for systems on the internal network or LAN, for the presence of known vulnerabilities as listed on the Common Vulnerabilities and Exposures (CVE) list.  (https://cve.mitre.org/cve/index.html)   CIT will perform an internal vulnerability assessment using the professional scanning tool Nessus.  CIT will scan a list or range of private IP addresses provided by the customer.  CIT will review the results, and produce a report with an analysis of the results and a list of remediation tasks.  Once the vulnerabilities have been remediated, CIT will perform a second scan to confirm that the vulnerabilities have been successfully addressed.