Vulnerability assessment is the process of identifying publicly known vulnerabilities in information system(s) only by using automated means of assessment. The term is often associated with penetration testing and both are widely used interchangeably. However, they are not to be confused with each other as there is a key difference between the two terms. Penetration testing focuses on exploiting uncovered vulnerabilities while an assessment process only pinpoints weaknesses in a system.
The service includes prioritizing vulnerabilities from an automated scan based on their impact, severity and likelihood. It is appropriate for organizations that are inclined to receive a generic overview and perception of their cybersecurity. The main goal is to identify vulnerabilities that might lead to an exposure of assets.
Depending on the system our assessments are divided into two categories:
- Host assessment (internal)
- Network assessment (external)
The final product is a report from an automated scanner that has been proofread and approved by our specialists. A summary and classification of vulnerabilities is also included.