Security
-
Standard
-
1.500 €3.300 €
-
Up to50 Host
-
Professional
-
2.100 €5.600 €
-
Up to100 Host
-
Business
-
5.200 €11.000 €
-
Up to300 Host
-
Corporate
-
7.500 €19.000 €
-
Up to500 Host
-
Standard
-
12.500 €17.000 €
-
Up to50 Host
-
Professional
-
15.500 €25.000 €
-
Up to100 Host
-
Business
-
24.500 €42.000 €
-
Up to300 Host
-
Corporate
-
28.500 €50.000 €
-
Up to500 Host
-
Standard
-
20.000 €
-
Up to50 Host
-
Professional
-
29.000 €
-
Up to100 Host
-
Business
-
50.000 €
-
Up to300 Host
-
Corporate
-
63.000 €
-
Up to500 Host
Vulnerability Assessment (VA) is the process of measuring and prioritizing risks associated with IT infrastructure to enable rational planning of technologies and activities that manage corporate risks.
The Vulnerability Assessment takes a snapshot of the infrastructure and checks for any gaps in its configuration, allowing an evaluation of the state of security systems implemented on corporate networks, machines, or applications, where present, with the aim of detecting any protection deficiencies compared to known lists of technological vulnerabilities.
Assessments are conducted using scanning tools, which provide configurable detection depth and granularity, based on the needs of the computer system under analysis. Vulnerability assessment tools allow for the customization of security policy, automated vulnerability analysis, and the creation of reports that effectively communicate security vulnerability findings and corrective actions to all levels of an organization.
The main objectives of a Vulnerability Assessment are:
- Reduce the risks of infrastructure compromise
- Identify active servers on the network and their exposed services
- Quickly identify the most critical attack surfaces
- Discover any security misconfigurations
- Check the software update status
- Verify system hardening
- Report the use of default credentials
- Maintain a history of the state of the art of one's own infrastructure
Typically, a distinction is made between:
- Network-based VA. Assessments carried out using network scanners. Network scanners can detect open ports, identify services running on these ports, and reveal any vulnerabilities associated with these services.
- Host-based VA. Assessments performed using scanners resident on hosts or scanners with the ability to remotely access the same hosts. Host-based scanners can recognize system-level vulnerabilities including incorrect permissions on files, directories, and system registry, as well as software configuration errors. This type of assessment also ensures that systems comply with predefined corporate security policies. Unlike network-based scanners, it requires an administrator account or agent to be present on the target system to allow access with the necessary privileges.
Vulnerability Assessment may involve a subsequent phase of Penetration Testing (PT) and Risk Assessment.
Technology
