REMOTE VULNERABILITY ASSESSMENT
If your organisation is connected to the internet, this service will remotely review that connection in the same way as an attacker would perform reconnaissance, looking for potential weaknesses. The service uses the same toolsets and skill sets as hackers use to map your organisations internet connections. This service also benefits from regional Police and National Cyber Security Centre intelligence to capture the very latest known threats and techniques used by cyber criminals. It should be noted that although the interaction with your systems is kept to a minimum, there is always a risk that poorly maintained or designed systems can suffer outages during vulnerability assessments. That is why all remote vulnerability assessments are supported with back-out and recovery plans agreed in advance to minimise risk. Remote vulnerability assessments are not penetration tests, where the goal is complete systems compromise or to take full control of your systems. Remote vulnerability assessments are focussed on identifying weakness that might be used to achieve that compromise. Service reporting will provide a plain language interpretation of the results and how any vulnerabilities might be used by an attacker, as well as simple instructions on how any vulnerabilities might be fixed.
We are able to recommend our IASME trusted partners network to provide additional services such as a full penetration test. Our trusted partners have been subject to due diligence checks by the accreditation body appointed by the National Cyber Security Centre, the UK’s National Technical Authority who are a part of GCHQ. They are also certification bodies for Cyber Essentials and Cyber Essentials Plus schemes which assure you have considered the most common cyber technical controls.