What does a Network Vulnerability Assessment consist of?
ThreatPerspective's Network Vulnerability Assessment service provides our clients with the ability to identify weaknesses that exist in their IT infrastructure.
No matter the industry and no matter the size of your organization, whether it is cloud, virtual, hard wired, or hybrid, we are here to help. At the end of the day, we see cloud and virtual as being made up of components that can have the same types of vulnerabilities as hard wired servers so we treat them all the same so if you have a cloud based infrastructure, or a strictly virtual infrastructure, we can accomodate that and we would assess those enviroments in many of the same ways we would in a hard wired environemnt being mindfull to check for container access issues, and how the virtual environments are configured, for example, does it access a NAS/iSCSI, etc? How are those NAS/iSCSI/etc servers/services protected, etc?
ThreatPerspective defines a network vulnerability assessment as analyzing an existing network for known vulnerabilities, configuration issues, permission issues (think open file shares), etc, however it is much more than that. During a network vulnerability assessement, ThreatPerspective will identify the root causes of security issues that are discovered which will enable an organization to change their practices and architecture to operate more securely moving forward. It will also be possible to identify if policies are effectively being enforced.
A network vulnerability assessment can either be performed on site at a client's physical location to assess their internal network(s), remotely from the Internet to assess a client's external network(s), or both. Many organizations also have at least one DMZ on their internal networks. It is also possible to see what services and potential security issues are accessible inside those DMZs and how they may effect other networks, i.e. are there back channels from the DMZ to the Internal network(s), etc.
How we perform a Network Vulnerability Assessment
The first step is to determine the scope of the engagement, or rather, how many networks/hosts will be assessed as well as etermining the reporting requirements, etc.
The next step is negotiating the rules of engagement. Here we would decide if this is going to be a zero knowledge engagement where we perform open source intelligence gathering, provide the target lists to the you to approve, modify, etc, or is this a cooperative engagment where all necessary information is provided by the customer to save time and money? Is the engagement overt or unannounced. Are there any systems that are out of scope? If we identify a serious vulnerability should we contact the customer prior immediately? How often will there be status updates? If we encounter issues who do we call? How much time will be spent? Are there any time constraints (nights and weekends only, or conversly, only during working hours)?
Once both parties have mutually agreed to commence, the Network Vulnerability Assessment begins and is conducted according to the rules of engagement.