Via dei Gracchi 32, Roma
A Vulnerability Assessment is the process of identifying, quantifying and defining (or classifying) the vulnerabilities of a system. Examples of systems for which Vulnerability Assessments are performed include, but are not limited to, information technology systems, energy supply systems, water supply systems, transportation systems and communication systems.
Our Vulnerability Assessment (VA) focuses on assessing the security of a server, a workstation or an entire network, by automatically scanning its services for vulnerabilities, misconfigurations, lack of patching and vulnerable installed software. The process involves an active analysis of the analysis target to identify any weaknesses, technical defects and vulnerabilities that could be exploited by an attacker to compromise the target.
The assessment, after mapping the analysis target, allows you to have an overview of the security level of the technological infrastructure, including any installed software and / or standard services, aimed at highlighting potential vulnerabilities. This phase mostly uses both open source and commercial automatic tools, such as Nessus, OpenVas, Nexpose and scanners and scripts created ad hoc. An analysis of the results will then be conducted in order to identify and eliminate any false positives.
At the end of the activity, a detailed report will be drawn up containing the identified vulnerabilities (with related details of the software / service concerned, type of vulnerability, level of criticality, and possible remediation actions).