Security Technical Assessment

Service Description

A vulnerability management program is a vital part of an organization's security strategy. Identifying and addressing vulnerabilities ensures that at-risk systems are adequately managed, reducing the likelihood that known attacks will succeed. Our Technical Assessments are designed to identify, measure, and log issues in systems through asset reviews, vulnerability scanning, and expert analysis. We examine scanning results to determine the root causes of vulnerabilities and evaluate the strengths and weaknesses within the client environment. Stated asset counts may include data from both external and internal testing. External and internal tests are conducted on-site and remotely. Asset results depend on availability and access provided. • Firewall review (IT to provide reports) • Switch and network equipment review (IT to provide reports) • Third-party technology supply chain review (access and connectivity) IT support • Updates/maintenance review • Review group policies (IT to provide access) • Review InfoSec Policies • Collect assets/review against departments' asset management (Hardware & Software) • Review VPN and remote access • Vulnerability scan from the outside • High-level Policy availability for Business Continuity, Disaster Recovery, Incident Response, and Information Security Program • Backup procedures defined • Physical security • Media protection and lockdown A report will be provided once all scanning and assessments are completed. After the report is delivered, we will schedule a follow-up meeting to discuss findings and remediation (remote or on-site). 20 Hours included in assessment service