The National Vulnerability Database CVE has reported a total of 36157 vulnerabilities which translates to a CVE publication rate of 18.9 vulnerabilities per day. Organizations have significant challenges keeping up with understanding & implementing fixes for the vulnerabilities. Prioritization of the known vulnerabilities, determining the business impact and hence the mitigation plan is one of the most significant challenges for any organization.
A Vulnerability Assessment is an examination of all the technical vulnerabilities present in a network. Both external and internal vulnerabilities must be identified and validated to provide a "hackers view" into the network and systems. Vulnerability Assessment involves the discovery and documentation of known vulnerabilities in pre-defined systems which can be exploited to obtain unauthorized access and compromise confidentiality, integrity and availability of information.
VA key benefits
• Create proactive focus on information security
• Find potential vulnerabilities before hackers find them
• Keep systems up to date and patched
• Reduce security risk and liability
• Prevent confidential information from leaking
• Protect intellectual property
• Abate Financial loss and negative publicity
• Increase Internal compliance Level
Vulnerability Assessment is an examination of all the technical vulnerabilities present in a network.
WHAT TYPES OF SECURITY VULNERABILITIES DO I NEED TO BE AWARE OF?
Risks associated with vendor-supplied software: includes bugs, missing operating system patches, vulnerable services, and insecure choices for default configurations.
Risks associated with administration: includes options available but not used correctly, insecure requirements for minimum password length or unauthorized changes to the system configuration.
Risks associated with user activity: includes risky “shortcuts,” such as sharing directories to unauthorized parties, policy avoidance such as failure to run virus scanning software or using modems to dial in past the corporate firewall, and other, more malicious, activities.
• Executive summary consisting of statistics of the number of vulnerabilities per host, general observations, and how these vulnerabilities affect your business.
• Summary of the security posture of the host including whether or not MIEL consultants were able to gain unauthorized access and recommendations.
• Technical reports containinga detailed description of the activities along with the results and recommendations are presented to the client.
• Detailed information regarding the ports found, vulnerabilities discovered, vulnerabilities exploited, their impacts on the company and recommendations.
Copyright@2012 MIEL e-Security Pvt Ltd I All rights reserved I Site Map
Designed by Design Accent