Vulnerability Assessment

2.jpg

Vulnerability Assessment is the review of information systems, networks and applications for:

  • known vulnerabilities registered in open vulnerability databases (CVEs),
  • Weaknesses in settings and hardware / software versions,
  • Weaknesses in functions and database implementations, etc.

with the aim of promoting their rehabilitation and / or reducing the likelihood of exploitation / severity of their impact, if and where necessary.

Examples of threats that can be identified for resolution through a Vulnerability Assessment:

  • SQL Injections, XSS and other code injection related attacks,
  • Privilege Escalations due to faulty user authentication mechanisms or inaccuracies in settings,
  • Software Weaknesses in Use (CVEs),
  • Sensitive data leaks (Google Dorks, sensitive URLs, Banner grabbing, visible protocols / web services etc.),
  • Network Weaknesses (possibility of MITM attacks, Wireless access point intrusion, etc.).

The Service is implemented by a specialized executive of our Company using the Forensics & Penetration Testing Platform "Kali Linux".

With the implementation of the service, a detailed technical Report is delivered with proposals concerning the resolution of findings and Security Hardening.