Vulnerability Analysis

Establishing the true scale and impact of a disclosed vulnerability is a challenging task for any organisation. In many cases organisations have a constrained schedule in which to determine the real level of technical risk, work out how identify vulnerable instances, and then plan any needed mitigation steps. For some vulnerabilities, any mistakes during this process can result in the organisation being highly exposed to an active attack.

Our Vulnerability Analysis service combines our in-house technical vulnerability expertise with the use of leading edge automated attack surface analytics tools, this combination provides a valuable external perspective of the real impact of a vulnerability on your organisation. Data on the discoverability and reachability of vulnerable components can significantly enhance internal vulnerability remediation efforts by ensuring that the highest risk instances are patched first. An external perspective also provides a critical safeguard against a vulnerable component being missed by internal processes, something that can leave your organisation dangerously exposed.

We offer a high degree of flexibility on the depth and scope of these engagements, they can include:

• Attack Surface Analysis to discover vulnerable components that impact your organisation. We can do this using known indicators of vulnerability, our in-house component matching knowledge, or using a custom specified search pattern.

• In-depth risk and technical analysis of a vulnerability. This can be to collate and summarise publicly known details or can include conducting additional technical research on the exploitability of a vulnerability or the effectiveness of current mitigations.

• If needed we can conduct Internet wide analysis to collate metrics on the number of vulnerable instances and progress being made to deploy vendor patches.

If you would like a quote covering your specific requirements then please get in touch.