What is vulnerability assessment?

Vulnerability assessments are the security tests that aim to determine how safe your network is.

It checks if your network is susceptible to attack.

The most effective way to do it is by using a combination of manual techniques and automated vulnerability assessment software.

Why are vulnerability assessments important?

If you don’t know where you are, a map wont help.

These assessments allow organizations to figure out exactly where they stand from a cyber security perspective.

Not only critical information on tactical vulnerabilities, that would allow an attacker access to your most sensitive information, vulnerability assessments also help to strategically identify non-technical opportunities to enhance your information security posture.

Should vulnerability assessments look at more than just external systems?

Yes, vulnerability assessments is more than just external systems.

When we talk about cyber security, it is important to take all of the organization’s technology and personnel into account.

These include internal and external hosts, network devices, commercial off-the-shelf applications, third party applications, vendors, telephones, applications, and even security devices, and the cleaning crew.

Can my IT staff perform a vulnerability assessment?

Yes, of course your IT staff are able to do these assessments.

However, it depends on the certifications, skills, and focus of your staff. The most common pitfall found is that the IT staff are too “complacent, and not outsiders” such that they are bound to overlook their own errors.

Thus, it is better to let UFI as an impartial, “third party” do the vulnerability assessment.