The Vulnerability Assessment assesses the security of the systems with respect to the known potential vulnerabilities.
The Skybackbone analysis ensures the respect of the highest confidentiality standards, it allows companies to understand their degree of exposure to vulnerabilities and to take remediation preventive actions.
The final report is composed by an “executive summary” usable from the top management and a more technical part made for the technical personnel.
Ours Vulnerability Assessment considers aspects such as asset management, systems ageing, patch management, event monitoring, password policy, least privilege, application whitelisting, the effectiveness of antivirus and anti malware solutions, network isolations, systems and channels encryption, usability of default credentials… etc…
The document contains an “action plan” where next to the results of the analysis in critical priority order, we evaluate the effort level required for the resolution and mitigation of revealed vulnerability.
The Penetration Test is a simulated, authorized attack, which aims to violate the systems by exploiting possible weak points, as well as verify how a company responds to a potential security breach in compliance with security policies.
As for the Vulnerability Assessment, Skybackbone guarantees that this type of activity is performed by well prepared personnel in respect to the highest confidentiality standards.
This analysis, different but complementary to the Vulnerability Assessment, is performed pointing specific targets (public IP) agreed first with the client, it provides:
- Discovery activity of the tools and frameworks in use
- Manual verification activities on all the services identified as weak or critical inside the attack layer
- Manual analysis based on the guidelines OSSTMM/OWASP
- Attack repetitions
The results of the vulnerabilities are shown in order of relevance, a proposed resolution and the level of effort required for the solution found.