Do your Internet connected systems have vulnerabilities? This basic question can be answered by waiting for the cyber-criminals to uncover the vulnerabilities for you, or you can do so proactively with an External Vulnerability Assessment.
An External Vulnerability Assessment tests your network’s public access areas for vulnerabilities and security issues. This gives you the opportunity to correct problems before malicious attackers can exploit them to gain access to sensitive information. As the saying goes, an ounce of prevention is worth a pound of cure.
The 10-D Security External Vulnerability Assessment deliverable includes a risk-rated listing of detected vulnerabilities and mitigation recommendations, which provides a clear roadmap for prioritizing and resolving detected deficiencies. We also provide repeat clients with trend reporting and graphs that illustrate the organization’s progress throughout 10-D engagements over time.
FFIEC guidelines state that institutions are required to perform an independent assessment of high-risk systems at least annually. That’s where we can help. Our Security Engineers are trained and experienced “Ethical Hackers,” who perform both manual and automated testing to ensure we discover all your vulnerabilities. 10-D Security clients benefit from our flexible engagement options. In addition to annual assessments, we also have several clients who choose quarterly reviews. Multi-year engagements are also available.
An External Vulnerability Assessment tests the public access areas of your network for vulnerabilities and security issues.
The 10-D Security Difference
- Comprehensive scan of all 65,535 ports for each External facing IP Address
- Search for 110K+ vulnerabilities including the most recently detected
- Manual verification along with scanning to ELIMINATE false positives
- Nationwide testing experience with ALL types and sizes of institutions
- Proprietary tools capture and review key data in a fraction of the time
Who Benefits from an External Vulnerability Assessment?
- Organizations required to comply with FFIEC/GLBA, PCI, SOX, or HIPAA/HITECH.
- Businesses whose Information Security Programs call for testing of high-risk areas.
- Companies with any Internet-connected devices.
The Scope of Work
10-D Security will tailor the scope of work to fit your company’s needs and can include:
- External IP addresses
- Phone, modem & fax lines
- Wireless access
- Physical access