A Vulnerability Assessment identifies technical vulnerabilities in computers and networks, as well as weaknesses in policies and practices related to the operation of these systems.
The Vulnerability Assessment identifies what services your hosts are offering, and whether or not the policies and procedures associated with them are in line with industry and company standards for security.
For a complete and consistent approach, Compass IT Compliance utilizes industry best practices and methodologies for penetration testing, such as the Open Source Security Testing Methodology Manual (OSSTMM) and National Institute for Standards and Technology (NIST). There are four major phases to the Internet vulnerability and penetration tests:
Compass designs its Internal Vulnerability Assessment to find existing vulnerabilities in internal hosts, such as servers, workstations, printers, routers, switches and other network devices and infrastructure components. In addition, Compass will attempt to determine the root causes of the vulnerabilities identified.
Compass will evaluate the configuration of your 802.11x wireless network implementation, including:
