Vulnerability Audit

A Comprehensive Audit

A vulnerability audit is a comprehensive and detailed assessment of your company's security level. Using policies like an access control policy and Defense-In-Depth reduces the risk and the damage caused by attacks no matter whether the adversary comes from outside or inside. In contrast to classical penetration tests this type of audit also covers devices that do not come as direct entry point to your network, although they might be relevant for integrity or security.

Overview

The internet as giant communication medium and the corresponding connectivity of millions of devices leads to diverse risks in security. Automated or targeted attacks on external and internal IT systems are an increasing threat. Often vulnerabilities in infrastructures result in huge economic damages that could have been prevented.

A vulnerability audit is a comprehensive audit of your entire IT infrastructure in order to find vulnerabilities and issues. This is done by using diverse tools like scanners to help analyzing your network. Their outcome is the basis for extensive and detailed next steps.

During the audit, you get regular reports, that keep you up-to-date and informed about the running steps. In the very end, you get a final report that contains all the details about issues, their rating and how to come by. Every issue is prioritized which makes it easier to decide about your next step.

Properties

A vulnerability audit is a security audit where the following properties apply.

What can be tested

applications, services, network devices, servers, clients

Basis of information

white, grey or black box

Source

external or internal

Strategy

direct attack attempts or covert attack

Scope

full

Aggressiveness

passive, polite, aggressive or paranoid

Get more InformationContact