The process of assessing information technology systems and communication systems for security weaknesses can be initiated with a vulnerability assessment. Its purpose is to identify the security risks to your IT infrastructure and business. 

What is a Vulnerability Assessment?

It can be performed either externally to emulate an attack from the internet or remote network, or internally to emulate an attack by a malicious insider.

Once the scope of the assessment has been determined, the initial phase of testing will profile vulnerabilities in the infrastructure. When identified, vulnerabilities can be manually verified without exploitation or a full penetration test can be carried out to attempt system access or retrieval of data and personally identifiable information (PII).

Following this approach vulnerabilities can be categorised based on the risk they represent to organisation. As the number, geographical location and complexity of the systems connected to your network increases then so potentially does the number of vulnerabilities to which you are exposed. The assessment may just cover systems which are under your direct control or can include employee devices that have been granted limited access to IT services (BYOD). All of these can have an impact on your organisations security posture.

vulnerability assessment

The KRYPSYS Approach

We offer vulnerability assessments and penetration tests that are tailor made to your requirements and we ensure that we keep our methods current with industry trends and threats.

Once the assessment has been completed, you will receive a report on the findings and the recommended next steps. This will ensure any discoveries are explained and the remediation steps outlined.

Need Help With Planning a Vulnerability Assessment?

Our Security Consultants can work with you to determine a scope of work and testing methodology which works for you, to ensure a rigorous assessment is carried out.

Please feel free to contact us for a no-obligation discussion for help with establishing you security testing requirements.