Many of the information security and compliance testing we offer takes an “outsider” approach. In other words, we test the perimeter of your network and organization to determine if the bad guys can get inside, and if so, how.
An internal vulnerability assessment from Vala Secure digs into your internal network to find and identify potential vulnerabilities from the inside.
Internal vulnerability assessments often include the following scans (although this is not an exhaustive list):
Network-based scans can identify potential network security attacks.
Host-bases scans identify vulnerabilities in servers, workstations, or other network hosts.
Wireless network scans identify points of attack in your wireless network infrastructure.
Application scans will test your websites to look for software vulnerabilities and incorrect configurations in network or web applications.
Think about it this way -- with penetration testing, it’s like a house inspector checking your roof, siding, and more to identify potential ways for burglars to enter. With an internal vulnerability assessment, the inspector is inside your home, making sure the roof won’t collapse on top of you and the locks are secure.
The house inspector understands all the materials, building types, and levels of craftsmanship that make a secure home. You don’t need to know those things -- you trust your home inspector to tell you what needs to be fixed (and how).
That’s a lot like our approach to internal vulnerability assessments.
The raw output gathered during an internal vulnerability assessment is enormous and very technically specific. But while we may live for the technically specific jargon of our industry, we know that in many cases, there isn’t very much you can do with a report like that (other than try and “translate it!”).
The Vala Secure team filters through the noise to prioritize and recommend mitigation ideas that address any vulnerabilities.