Vulnerability Analysis
Security maturity interview plus technical scans, ending with a consultative video call summary.
Security maturity interview plus technical scans, ending with a consultative video call summary.
|
The Vulnerability Analysis is designed to provide a snapshot of the state of security in your business and provide tailored immediate and mid-term guidance for practical risk reduction.
Order a Vulnerability Assessment now. |
|
We gather data through a series of technical scans, open-source intelligence (OSINT), interviews, and other discretionary techniques. The output of these processes are then collectively interpreted and used to produce a customized Executive Summary.
The project concludes with an interactive executive briefing with prioritized findings and guidance for security maturity. After the briefing, the written summary and any supporting documentation will be delivered electronically. These deliverables may be used either internally or with 3rd parties to guide risk reduction efforts. |
How we do it
- Data Gathering: Conduct security interview(s), network scans, and open-source intelligence gathering
- Data Processing: Collectively analyze the data gathered and build an executive summary
- Consultative Briefing: Lead a video call to present findings and provide guidance for security maturity.
Conclusion: Consultative Briefing
The Risk Analysis ends with a consultative executive briefing video call. During the call, we'll review findings in an Executive Summary report and have some discussion around our prioritized recommendations to provide direction for your growth in security maturity.
The Risk Analysis ends with a consultative executive briefing video call. During the call, we'll review findings in an Executive Summary report and have some discussion around our prioritized recommendations to provide direction for your growth in security maturity.
|
Prioritized Recommendations
Inputs
|
FAQ
What’s the difference between a Vulnerability Analysis and a Vulnerability Assessment?
What’s the difference between a Vulnerability Analysis and a Vulnerability Assessment?
- A Vulnerability Analysis is a process of combining objective technical scan findings with an understanding of your business priorities gained through a personal interview. It results in a customized executive summary and a consultative final briefing. It’s focused on collaborative planning for security maturity.
- A Vulnerability Assessment is typically a set of technical scan reports. It may or may not come with a customized interpretation for your business, but briefings are generally technical in nature.
In short, an Assessment is a list of technical things that are wrong and which you need to do something about. There is much variability in whether you’ll receive strategic or tactical business guidance related to technology.
- This is most beneficial for organizations of any size with low-to-moderate security maturity
- This assessment will give very practical, prioritized guidance to improve the overall security maturity of the organization
- No, this is live interview(s), open-source research, and a review of technical settings on various devices
- We believe that penetration tests are a waste of money until an organization reaches a moderate-to-high security maturity level; this vulnerability analysis can be used to determine if a penetration test will be cost-effective
- No, this is not an audit
- Since this analysis produces security best-practice recommendations, it may assist with compliance, but it is not designed to be a compliance consultation; compliance is broad and you would need to pursue a "gap analysis" for the particular regulation/standard for which you're seeking compliance