VULNERABILITY ASSESSMENT

SECURITY TESTING TO IDENTIFY AND
MANAGE VULNERABILITIES IN YOUR SYSTEM

Elements of the IT Environment We Assess

DataguardNXT’s vulnerability assessment services imply reasonable costs along with high quality. The qualifications of our information security team allow detecting vulnerabilities and finding weak points in the following components of the IT environment:
IT infrastructure
  • Network We assess the efficiency of your network segmentation, network access restriction, the ability to connect to the network remotely, firewall implementation.
  • Email services We evaluate the susceptibility to phishing attacks and spamming.
Applications
  • Web applications. We assess the susceptibility of a web app to various attacks following Open Web Application Security Project (OWASP) Top 10 Application Security Risks.
  • Mobile applications. We evaluate the security level of a mobile app following OWASP Top 10 Mobile Risks.

Assessment Methods We Apply

Our security testing team combines automated and manual approaches to take the full advantage of the vulnerability assessment process.
Automated scanning

To start the vulnerability assessment process, DataguardNXT’s security engineers use automated scanning tools the choice of which depends on your requirements and financial capabilities. These scanners have databases, which contain known technical vulnerabilities and allow detecting your company’s susceptibility to them. The main advantage of this approach is that it is not time-consuming and ensures a wide coverage of security weaknesses.

Manual assessment

DataguardNXT’s security testing team performs the manual tuning of the scanning tools, as well as subsequent manual validation of the scanning findings to eliminate false positives. Upon the completion of such manual assessment, you get reliable results containing only confirmed events.

4 Key Fields We Take Care Of

Internal procedures
  • Policies: incident response plan, access control policy, remote access policy,
  • Cybersecurity awareness among your employees.
Internal procedures
  • Policies: incident response plan, access control policy, remote access policy,
  • Cybersecurity awareness among your employees.
Internal procedures
  • Policies: incident response plan, access control policy, remote access policy,
  • Cybersecurity awareness among your employees.
Internal procedures
  • Policies: incident response plan, access control policy, remote access policy,
  • Cybersecurity awareness among your employees.

Step-by-Step Vulnerability Management at DataguardNXT

1 Vulnerability
analysis
4Remediation
activities
2Vulnerability remediation
results
5Reporting on the entire
vulnerability
management cycle
3Vulnerability
assessment planning
6Vulnerability
detection
1
Planning

For each vulnerability assessment cycle, our security engineers define specific requirements and goals, scope the target IT assets, and decide on the assessment approaches and tools to be used.

2
Detection

We use different security assessment techniques to get a full view of security weaknesses in the IT assets.

3
Analysis

Our cybersecurity experts evaluate the likelihood of vulnerability exploitation and its potential impact and classify the detected security issues by their severity.

4
Remediation

Our security engineers define and prioritize remediation steps and implements corrective measures to address the identified vulnerabilities.

5
Validation

We re-assess vulnerable assets to confirm that the detected flaws have been appropriately fixed.

6
Reporting

We prepare detailed reports that cover the vulnerability management process, including the assessment findings, actions taken, and outcomes.

4 Key Fields We Take Care Of

Viruses, worms, and trojans

Ransomware

DoS Attacks

Phishing

Code injections

Man-in-the-middle attacks

Spyware and keyloggers

Advanced Persistent threats

Identity theft

Unauthorized access

Insider attacks

Compliance breaches

Network Vulnerability Assessment Methods

Black box

Scanning for vulnerabilities without any information on a target network. The external network perimeter is a starting point for scanning.

White box

Assessing the network vulnerability ‘from the inside’ (having all the knowledge about the network).

Gray box

Searching for vulnerabilities in the network, having some information about it (e.g., user login details), but without accessto the entire network.

Network Vulnerability Assessment Costs

Network vulnerability assessment pricing generally ranges from $5,000 to $15,000. Here, we highlight the essential cost factors:
  • The complexity of the network infrastructure.
  • Network size (the number of IPs, applications scanned, etc.).
  • Applied assessment method (automated scanning, manual assessment, or a combined approach).
  • Service provision model (one-time or long-term, as long-term relationships with a vendor may reduce subsequent costs).
  • The need for a follow-up penetration testing to investigate the potential impact of the detected vulnerabilities’ exploitation.