Internal Vulnerability Assessment

How Does a Vulnerability Assessment Differ From a Penetration Test?

Vulnerability assessments help analyze your business risks. The Saturn Partners, Inc will identify security holes and vulnerabilities within an organization’s infrastructure.

Unlike penetration tests, where the objective of the test is to compromise or circumvent a system’s controls by emulating a hacker, a vulnerability assessment’s purpose is to identify security holes and weaknesses without penetrating the system with an exploit technique.

After the completion of the vulnerability assessment, SPI will produce detailed reports which enable our clients to management remediate the discovered vulnerabilities.

The tests are conducted on both external and internal systems. 

SPI's network security consultants follow a tried, tested, and proven methodology to conduct superior internal network security assessments. By focusing on protecting the right assets from the right threats with the right measures, the highest levels of assurance and business value are achieved.

The process begins with securing internal devices on your network. SPI’s network security consultants identify and thoroughly test potential points of attack after enumerating every live host, open port, and available service.

Our analysis is not disruptive to your organization, with minimal or no impact on staff and business productivity.

Information Gathering

The information-gathering phase results in a detailed blueprint of your company’s network that lists the types of hosts and their operating systems. This allows us to achieve thorough mapping and overcome any blind spots you might have. We gather domain names, IP network ranges, and information about hosts, such as operating systems and applications.

Vulnerability Scanning

The information gathered during the information-gathering phase is used to perform the vulnerability scanning phase and penetrate vulnerable systems. SPI takes a holistic view of the network and chains multiple, low-risk vulnerabilities in order to achieve a high level of access into the target network. This vulnerability linking typically culminates in pilfering sensitive data such as password hashes, restricted databases, or attaining specific trophies that your company identifies.

Penetration Testing

SPI’s network penetration testing provides the most thorough test of internal defenses available. SPI’s consultants scrutinize internal systems for any weakness or sliver of information that could be used by an internal attacker to disrupt the confidentiality, availability, or integrity of the internal network. (Note: see our Penetration Testing Services Tab for full information)

SPI’s Internal Security Assessment gives you the best of both worlds by performing a penetration test as a sub-component of the Internal Security Assessment. This enables you to see if your network can be penetrated from the inside and gives you a comprehensive list of all security vulnerabilities on your internal network.

 SPI offers a Vulnerability Assessment that utilizes State of the Art enterprise software. The vulnerability assessment provides a rapid and efficient inventory of the devices, services, and vulnerabilities of internet-connected networks.

Here's What Our IT Audit Covers:

  • Information Technology Governance
  • Safeguarding Customer Information (GLBA Compliance, also HIPAA)
  • Operational Controls
  • Patient and Protected/Private Healthcare Information (HIPAA
  • Business Continuity Planning
  • Information Security
  • IT Infrastructure
  • ID Theft / Red Flags Program Compliance
  • Card issuance procedures for Debit/POS/ATM cards (financial services clients)
  • Check item imaging (financial services)
  • Website maintenance
  • Telephone Banking (financial services
  • Courier controls (financial services)
  • .. and many more!

Are You at Risk?

Contact Us to Learn How We Can Help Protect Your Business.