Vulnerability Assessment

It is critical to assess the risks within your organization's IT infrastructure. Despite an organization's best efforts, IT systems are often released with bugs and installed with misconfigurations, or the underlying technology is changing so rapidly that it's hard for system administrators to keep pace. Schneider Downs understands that the process for installing security updates can be confusing and time-consuming, and that, in reality, security updates can sometimes be overlooked.

The goal of the Vulnerability Assessment is to provide our clients with a comprehensive view of potential security flaws in their environment by looking for misconfigurations, unpatched services, open ports and other architectural mistakes. The results of this assessment will be a detailed report of vulnerabilities uncovered during the assessment, ranked by criticality, along with an agreed-upon remediation plan with detailed steps to assist in remediating noted vulnerabilities that create a security risk.

Detailed Approach to a Vulnerability Assessment

We begin by identifying the scope of the assessment through mapping the client's IP address ranges. This approach will help identify the active devices on the organization's network. From here, a port scan will be performed on each of the active devices identified. This will determine which services are running on each active device and the associated ports. From the device discovery, we will scan each IP address with our automated security assessment tools to identify misconfigurations, vacant patches, and service vulnerabilities that may exist within the host. We will then analyze the results to eliminate any false positives that may have been identified and determine the actual threat and risk to the organization.

Our Vulnerability Assessment works in conjunction with our automated tools and the application of our industry experience. We determine the impact of potential security exposures and the risk they may or may not pose depending on your organization's overall security posture and risk appetite.

Regardless of your organization's size, Schneider Downs will work with you to determine the most effective approach when determining the scope of the assessment. Our team will work closely with you to analyze the results and take a collaborative approach in issue identification and building action plans to remediate identified vulnerabilities. We also consider any other security components and mitigating factors to determine the overall risk to the security posture of the organization's IT infrastructure. We believe that it is essential to take this holistic strategic view during a vulnerability assessment to accurately identify the risk to the organization.

The results of our assessment will be a detailed report of vulnerabilities uncovered during the assessment, ranked by criticality, along with an agreed-upon remediation plan with detailed steps to assist in remediating the noted vulnerabilities.

case studies

 
big problem:
Ransomware attack halted a global manufacturer's operations.
big thinking:
Recover and secure the system – fast – save $1 million in ransom.
 
big problem:
High tax burden for family-owned franchisor.
big thinking:
Comprehensive planning for a 15% tax reduction.

our thoughts on

Top Risks to Keep On Your Radar for 2020

We live in a disruptive world where the risks companies face are constantly evolving. Risks not on your radar today could easily be brought to light within

read more >

Teach a Man to Phish: Six Common Elements of Phishing Scam and How to Spot Them

Sensationalist headlines about cybersecurity incidents have become the norm. Sadly, so too have clever email phishing scams. A recent notice issued by

read more >

SOC 2 Examinations - Keys to Success

“What do you need for a SOC 2 Audit?” Prior to starting a SOC 2 examination, clients often ask us what they can do to ensure an efficient audit

read more >

Crypto-Secured Lending

An exciting advancement in the cryptocurrency industry will allow consumers to leverage their crypto holdings as collateral for formal currency loans.

read more >

The Wolf, the Goat and the Kid: An Unexpected Tale of Invoice Redirection Fraud

In the 1668 La Fontaine fable "The Wolf, the Goat, and the Kid", a mother goat leaves home in search of food, warning her daughter about the

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102