Vulnerability Scanning & Assessments
Vulnerability scanning and vulnerability assessments are used interchangeably too often in our industry. In our opinion, vulnerability scanning is conducted via an entirely automated process. An appliance or software vulnerability scanner is used to perform internal and/or external network layer and web application scanning. The value provided by vulnerability assessments over vulnerability scans are interpretation of the results, false-positive elimination, and custom report delivery.
The NCI Approach:
NCI may choose to conduct your vulnerability assessment internally or externally. While the process is still entirely automated, it will include:
- Open Web Application Project (OWASP) Top 10
- Remotely detectable back door applications or malware
- DNS Server Analysis
Basic vulnerability scans will generate results, however our team will provide a detailed report that eliminates false-positive, includes business context, and provides detailed remediation recommendations
Should NCI be Assessing your network vulnerability?
Contact us for more information: