There are two main reasons why Vulnerability Scanning is important: 1) it is required for compliance with requirements such as PCI, HIPAA, GLBA, or SOX or 2) to evaluate any vulnerabilities in your new or changing networks. Detecting vulnerabilities and taking corrective action is important to any information security program and essential in protecting valued data assets from internal and external threats.
Our Vulnerability Assessments include a thorough evaluation of the target systems for known and newly-discovered vulnerabilities. This assessment includes automated scanning techniques that determine any abnormal or insecure protocols, ports, services, and system configurations.
The assessment involves:
These assessments can be conducted from an internal perspective where we approach from inside the organization, much like a disgruntled employee would.
We can also conduct the assessment from an external perspective where we approach from outside of the organization, much like an internet-based attacker would.
CompliancePoint also offers annual and quarterly vulnerability services for customers requiring ongoing scanning for HIPAA and PCI compliance.
Further, the results of the vulnerability scan will be used to perform penetration testing.
Our assessors and consultants are experts in the focus areas as they pertain to information security and protecting data assets.