A vulnerability assessment (also referred to as vulnerability scanning) identifies technical vulnerabilities in computers and networks, as well as weaknesses in policies and practices related to the operation of these systems.
The vulnerability assessment identifies what services your hosts are offering, and whether or not the policies and procedures associated with them are in line with industry and company standards for security.
For a complete and consistent approach, Compass IT Compliance utilizes industry best practices and methodologies such as the Open Source Security Testing Methodology Manual (OSSTMM) and National Institute of Standards and Technology (NIST). There are four major phases to the vulnerability assessment:
Compass IT Compliance designs its internal vulnerability assessment to find existing vulnerabilities in internal hosts, such as servers, workstations, printers, routers, switches and other network devices and infrastructure components. In addition, we will attempt to determine the root causes of the vulnerabilities identified.
Compass IT Compliance will evaluate the configuration of your 802.11x wireless network implementation, including: