Vulnerability Assessment Services
A Vulnerability Assessment identifies technical vulnerabilities in computers and networks, as well as weaknesses in policies and practices related to the operation of these systems.
The Vulnerability Assessment identifies what services your hosts are offering, and whether or not the policies and procedures associated with them are in line with industry and company standards for security.
External Vulnerability Assessment
For a complete and consistent approach, Compass IT Compliance utilizes industry best practices and methodologies such as the Open Source Security Testing Methodology Manual (OSSTMM) and National Institute for Standards and Technology (NIST). There are four major phases to the vulnerability assessment:
- Reconnaissance and Information Gathering
- Enumeration Vulnerability Scanning
- Attack and Penetrate (Optional)
- Internal Vulnerability Assessment
Internal Vulnerability Assessment
Compass designs its Internal Vulnerability Assessment to find existing vulnerabilities in internal hosts, such as servers, workstations, printers, routers, switches and other network devices and infrastructure components. In addition, Compass will attempt to determine the root causes of the vulnerabilities identified.
Wireless Security Assessment
Compass will evaluate the configuration of your 802.11x wireless network implementation, including:
- Rogue Access Point Detection
- Ad-hoc Wireless Device Detection
- Wireless Architecture Review
- Wireless Encryption Key Cracking
