Internal Vulnerability Assessments

“70% of security incidents that cause loss to enterprises involve insiders.” Gartner, 2004

Have you ever wondered what your network environment looks like from the inside? What do you think you could see if you could take a snapshot of activity in any given work day from the eyes inside the company… on the network?

An internal vulnerability assessment is looking at the systems that make up most of what the users see while they are interacting with the internal system. During this assessment we will identify vulnerabilities with systems that may allow us access from the inside to the private areas of your network, or obtain information that should not be available to everyone on the LAN.

The internal assessment includes verifying password complexities, key security components, as well as a sample of internal machines like workstations and high risk or mission critical devices to ensure a stronger organizational security posture. Examples of such devices include Primary Domain Controllers, Payroll and Accounting Servers, Payment and Billing Servers, Corporate Databases, or any other machines that proposes a serious business impact if compromised. We can also and most likely will assess the virus protection mechanisms (if any) and patch management once again to seek and expose any vulnerabilities.

These services would be done on-site and require interaction from the IT staff members and may require limited input from the end users. The goal of this assessment is to deliver a final report that will allow the organization to mitigate vulnerabilities and to develop a project plan and attack strategy on how to move ahead with the remediation of their external facing environment.

Our vision for this assessment is to deliver a final report that will allow you to identify and mitigate vulnerabilities and to develop a project plan and strategy for remediation of the internal facing.