Your Network is at RISK!!
Vulnerability Assessments is a process of scanning the entire organizations network internally and externally, looking for vulnerabilities that can be exploited by hackers. If vulnerabilities are discovered we bring those findings to the organization’s management with recommendations to remediate.
It is in the best interest of the organization to have a vulnerability program to lower the overall risk of the company. Vulnerabilities exist all through a network and you never know when or if a hacker has discovered a new way to exploit it, so you need to be on the defense.
The only thing separating your network from a hacker’s network is a firewall. Firewalls don’t get hacked too often, but they can be, so bad actors have found new ways to compromise your network. They do it through other vulnerabilities. They mostly do it through software vulnerabilities, Adobe, Java, and Microsoft, pretty much all major software manufactures have had vulnerabilities in their products at one time. It is all a matter of when a hacker finds a way to exploit it.
Threats and vulnerabilities are dynamic by nature and it is left up to the organization to find the vulnerabilities and fix the quickly. This is why most all compliance standards require or suggest a vulnerability program or process to help mitigate risk.
At Sentree Systems, Corp. we are no different. We offer vulnerability scans to our clients to help lower risk and avoid regulator fines.
There are four parts to the scans, Internal and External Vulnerability Scans, Passive Scans, Data discovery scans, and Dark Web Analysis scan. The Internal scans look at your network from the eyes of a HACKER that has penetrated your network and looks for weaknesses behind the firewall. The External scans look at your network from the outside, looking for open network ports and weaknesses that a HACKER can exploit to penetrate your network. Passive scans can identify active operating systems, applications, and ports throughout a network, Checks the current software and patch versions on networked devices, and Indicates which devices are using software that presents a potential gateway for hackers or malware attacks. Data discovery scans allow us to scan for Credit card numbers, Social security numbers, Drivers’ licenses, birth dates, and banking information hidden and stored on your network devices. With our Dark Web Scans, we can find out if any employee or company credentials have been compromised on the dark web. With this scan we have seen passwords, email addresses, personal addresses and lots of other personal data. We also offer simulated phishing campaigns to test the human element of the organization just to see if there are areas of training that needs to be addressed.