VULNERABILITY ASSESSMENT
Know the Threats to Your Information Systems Before the Wrong People Do
What Is a Vulnerability Assessment
What Is a Vulnerability Assessment
Our Methods
Assessments are used to identify, validate, and assess technical vulnerabilities. Assessments are required by NIST compliance requirements such as the DFARS/FAR CUI regulation. It is not meant to take the place of implementing security controls, but rather to help organizations confirm their systems are properly secured and identify any security requirements that are not met or that should be addressed. Without the understanding of your security threats you are in a dangerous position. Attackers prey on the systems that lack proper security controls. Most systems that are attacked don’t even know it. Most of those also go undetected for months. This could be the difference between being in business and being out of business.
Each of your Systems connected to the Internet could be at risk
Vulnerability Testing Benefits
No organization wants to find out where their weaknesses are when they least expect it.
Vulnerability assessments give you a holistic view of your information systems, not just the vulnerabilities that are on the network.
Comprehensive and Holistic
Efficiency in ROI
Remediation Plan
Repeatable Process
How we do it
Duffy Compliance Services’ (DCS) enterprise management application ensures compliance
How Service is Conducted
Review of the following areas of the information system:
- Technical (the common, network-based threats such as Phishing, Misconfigurations, unpatched devices, and malware)
- Operational (procedures, insider threats, rogue devices used to bypass security)
- Physical (lighting, locks & card access, front entry access, escape routes, camera)
- Environmental (heat, moisture, fire, flood, weather, crime)