Wiseserve Vulnerability Assessment

This project is aimed to provide Wiseserve customers with comprehensive knowledge of current security issues in their networks.

Table Of Content

What is Vulnerability assessment?

Vulnerability assessment refers to the process of identifying risks and vulnerabilities in computer networks, systems, hardware, applications, and other parts of the IT ecosystem.
Vulnerability assessments are a critical component of the vulnerability management and IT risk management lifecycles, helping protect systems and data from unauthorized access and data breaches. They typically leverage tools like vulnerability scanners to identify threats and flaws within an organization’s IT infrastructure that represents potential vulnerabilities or risk exposures.

Why Vulnerability Assessments are Important?

Vulnerability assessments allow security teams to apply a consistent, comprehensive, and clear approach to identifying and resolving security threats and risks. This has several benefits to an organization:

  • Early and consistent identification of threats and weaknesses in IT security
  • Remediation actions to close any gaps and protect sensitive systems and information
  • Meet Cybersecurity compliance and regulatory needs
  • Protect against data breaches and other unauthorized access

How are scans performed?

Step 1: Scan Preparation

We will gather information about your organisation to best understand your current network infrastructure and security status. We will help you choose the optimal service option for your business and then a date will be agreed for the Vulnerability Assessment to take place.

Step 2: Scanning & Reporting

Following your Vulnerability Scan, we will send you a report with our findings.

You will also be advised to arrange a meeting with us to guide you through our findings and where your vulnerabilities lie and to take on the correct remedial actions.**

Patching, remediation and guiding through report is additional service**

Step 3: Re-Scanning

After initial remediation, we can re-scan in order to assess whether remedial action has been successful. We can continue to work with you until all issues uncovered have been fixed.

Patching, remediation and guiding through report is additional service**

Types of services

  • Ad-hoc vulnerability scan
  • Dedicated VM set up with vulnerability scanner
  • Dedicated ARM64 device

Ad-hoc vulnerability scan

  • Performed on preset device that will be deployed on-site, added to network and used to perform 1 time Vulnerability Assessment scan. Then device will be picked up afterwards.*
  • Report will be delivered over email.
  • We suggest to set up meeting where we analyze and discuss results provided in report and prepare remediation plan**
  • Recommended for occasional scans for all type and size of companies.
  • Advantages of this type of scan are: you don’t need device or VM permanently to be set up in your network, also it can be performed whenever requested.

Dedicated ARM64 device

  • That will include dedicated ARM Device, initial setup, configuration and deployment to your place. It’s a great option for home customers, small businesses and all customers that prefer to have dedicated device as a scanner, or do not possess an in-premise Hypervisor / Server.
  • The ARM Device have some additional benefits: like the possibility to act as a device from where we can access other services to provide support if needed. It’s easy and cheap to replace or move to different location.
  • Recommended for private customers or small to medium size companies.
  • Advantages of this type of scan are: You have your OWN dedicated vulnerability scanner that is entirely managed by Wiseserve. Additionally there are multiple types of scans configured and dedicated for your network.
  • This is a great budget option for dedicated scanner.

Dedicated VM set up with vulnerability scanner

  • In this scenario we will be provisioning and configuring Linux VM and scanner. This will involve initial chargeable setup and vulnerability scan + report. You will be able to request further scans on discounted price comparing to AdHoc or ARM64 scan.
  • Recommended for medium to large companies.
  • Advantages of this type of scan are: You have your OWN dedicated vulnerability scanner that is entirely managed by Wiseserve. Additionally there are multiple types of scans configured and dedicated for your network. Also Virtualization allows us to provision a VM with more resources which effectively makes scans much faster to run, especially in big networks.
  • Prices per scan are on discounted rate and can be done fully remotely without onsite visit after initial setup.
  • This is fastest and long term cheapest option if you want to make sure your network is secure whole year long!

Scan options

  • The table below details the features of our two different levels of vulnerability assessment you will be able to choose from.
    Features Fully Automated Semi-Automated
    Scan Scope ✔️ ✔️
    Scanning Engine ✔️ ✔️
    Full Port Scan ✔️ ✔️
    Vulnerability Report ✔️ ✔️
    Risk Ratings/CVSS Scores ✔️ ✔️
    Human Manual Verification ✔️
    Issue Merging ✔️
    Custom Report Issue Wording ✔️
    Report Walkthrough ✔️
    Consultant Led ✔️

What Is The Difference Between A Fully Automated And Semi-Automated Vulnerability Assessment?

The fully automated vulnerability assessment is 100% automated after initial set up, and the report is generated from our scanning engine. There is no manual verification by a consultant of false positives, and no customised wording. It is aimed to be run as a monthly high level scanning service to identify any high level issues such as missing patches or configuration weaknesses with the exposed services to the Internet.

The semi-automated vulnerability assessment is combination of the automated scans from our scanning engine, but with human verification of issues to reduce any potential false positives. Issues are grouped to avoid repetitive findings for the same issue and custom wording is used for each vulnerability identified, rather than default wording from the scanning engine. This service is intended to add more value than the automated scan and can be run as a one off scan, monthly or quarterly.

How Often Should I Conduct A Vulnerability Assessment?

It is recommended that vulnerability assessments are run on a regular basis, this could be monthly or quarterly as cyber threats are constantly evolving and will detect any potential issues in between any annual testing.

If major changes are made to the infrastructure or new applications are developed, then it is recommended that additional testing is conducted. This ensures that any recent changes are not introducing new vulnerabilities into the environment.

How much Does a Vulnerability Assessment Cost?

Vulnerability assessment prices are calculated based on what Types of services you choose and whether you require the fully automated or the semi-automated scans and the number of IP addresses required to be scanned.

For each project we will technically scope your requirements and establish the time needed to complete the work. We will then provide a detailed proposal and breakdown of costs and options.