This service provides a vulnerability assessment for critical ICT Infrastructure (including servers, storage, communications, and Internet services).
Initial vulnerability assessments usually uncover an overwhelming number of risks and items to action. Careful assessment and classification of the findings along with taking a practical approach to addressing the issues is the key to managing the vulnerabilities. Addressing the root cause and then revising the relevant policies and processes should also be included in the remediation processes.
Server, endpoint, and infrastructure vulnerabilities tend to be the highest risks and we recommend that these are addressed following a strict process to ensure patches and updates are applied at least monthly. Many vulnerabilities require more than simply applying a patch to remediate and should be tracked over time.
|External Vulnerability Assessment||Carry out vulnerability scanning of externally accessible services. Provide a report on the findings with feedback and recommendations for improvement.|
|Internal Vulnerability Assessment||Carry out vulnerability scanning inside or within a secure trusted environment. Provide a report on the findings with feedback and recommendations for improvement.|