Vulnerability Assessment is the review of information systems, networks and applications for:
- known vulnerabilities registered in open vulnerability databases (CVEs),
- weaknesses in settings and hardware/software versions,
- weaknesses in functions and database implementations, etc.,
with the aim of promoting their remediation and/or reducing the likelihood of their exploitation or the severity of their impact, if and where necessary.
Examples of threats that can be identified for resolution through a Vulnerability Assessment:
- SQL injection, XSS and other code injection related attacks,
- Privilege escalation due to faulty user authentication mechanisms or errors in settings,
- Weaknesses in the software in use (CVEs),
- Sensitive data leaks (Google Dorks, sensitive URLs, banner grabbing, visible protocols/web services, etc.),
- Network weaknesses (possibility of MITM attacks, wireless access point intrusion, etc.).
The Service is carried out by a specialized member of our Company's staff using the Forensics & Penetration Testing platform "Kali Linux".
On completion of the Service, a detailed technical Report is delivered with proposals for resolving the findings and for Security Hardening.