Vulnerability Assessment

Ensure your organization is fully prepared for both external and internal threats by getting a detailed report and remediation guidance.

Overview

CynergisTek performs both external and internal vulnerability assessments.

External Vulnerability Assessment

Evaluate the overall security posture of the enterprise from the perspective of an anonymous source on the internet. Our methodology starts with a process called “fingerprinting,” during which time we do reconnaissance on the target organization by reviewing public sources of information (such as the network registrars, DNS servers, email servers, routing tables, public special interest groups, etc.) to evaluate the potential information that is available for an anonymous attacker to gather as base information to start an attack or even feed into a parallel route that might exploit non-technical weaknesses (Social Engineering).

Internal Vulnerability Assessment

Differ from external assessments in that the goal is to evaluate the overall security posture of the enterprise against potential attacks from “insiders,” other trusted parties, or an attacker who has already successfully penetrated the perimeter of the organization. In conjunction with architecture assessment and technical testing, we perform extensive root cause analysis prior to compiling a summary report of findings.

Key Benefits

Clear Picture of Risk

With detailed reporting and assessment that’s customized for your organization, you get a clear, comprehensive view of your security risk profile. This is particularly helpful during the merger and acquisition process, to check the risk profile of the entity being acquired.

Multifaceted Approach

Attacks often come from external sources, but threats can come from within your own network or as the result of a previously unidentified breach. That’s why CynergisTek’s Vulnerability Assessment comprises both external and internal evaluations.

Find Flaws

Ideally, a Vulnerability Assessment affirms that your organization is doing everything right, but it will find any gaps in policies, procedures, practices, or processes so you can remediate them.

Remediation Guidance

Give key stakeholders tactical guidance on how to fix any issues that the Vulnerability Assessment uncovers, so your particular organization can more effectively drive technical remediation efforts.

Having a partner that is actively monitoring our systems, trends, local and global threats not only saves the Virtua IT Security team time, but provides us with the ability to proactively look at potential threats to plan accordingly. The partnership with CynergisTek has allowed us to focus on compliance, developing risk programs, policy and procedures leading to a culture focused on making us more secure.

Tom Gordon

CIO, Virtua

Security has become a necessary and critical strategic pillar for our organization, and it is too broad and complex for a provider organization to keep up with on their own. Having a partner like CynergisTek with depth and breadth of knowledge and expertise is a crucial asset for our organization. I can’t imagine navigating these issues without them.

John Mangona

Vice President, Chief Information & Compliance Officer, Saratoga Hospital

CynergisTek’s social engineering and phishing service was an excellent training tool for our organization. A third-party assessment of how our policies and procedures would stack up against a real threat was eye-opening and provided us with valuable information we can leverage to continue to enhance our security posture.

Joe Egan

Director of Information Security, Valley Children’s Hospital

Features

Deep Evaluation

The assessment’s report summarized all findings and recommendations from the fingerprinting, technical testing, and root cause analysis to provide recommendations for remediation.

Educate Stakeholders

Present the assessment’s findings to key stakeholders via an interactive and educational workshop.

Outcome

After a Vulnerability Assessment, your organization will have a complete picture of any vulnerabilities it has to external and internal threats, as well as recommendations for how to remediate those threats.

Related Resources

Get Started with CynergisTek Today

Assess. Build. Manage. Validate.