Skip Navigation LinksHome :: Solutions :: Ethical Hacking and Security Auditing :: Vulnerability Assessments

Vulnerability Assessments

These technical risk assessment services are based on accepted, industry-wide standards and methods, which include planned and unplanned tests upon your network, systems and applications to determine their level of vulnerability. This will help you determine your risk at each level of the business. Our testing plan is comprehensive:

 

* Internet, External Networks * Social Engineering * Modems, Wireless

* Web Applications, Databases

 

xDefenders will classify your vulnerabilities – open ports, down-level operating systems and suspect applications - as Urgent-Critical-High-Medium-Low Risk. We do not exploit found vulnerabilities. Our CISSP’s will produce Management and Technical Reports and review them with you during an interactive session. Periodic and ad-hoc testing is recommended and our Subscription Service is offered monthly or quarterly. The SysDefender Test Appliance is our portable tool. It is updated in real-time with known vulnerabilities and contains a complete set of tests and methods to assess vulnerabilities. xDefenders will securely ship this appliance anywhere in the USA, to keep costs low.

 

The more advanced SafeGuard Test Appliance provides the best in Vulnerability Management by including:

 

  • Risk Classification capability for your I/T assets
  • Keeps a Trend Database
  • Vulnerability Management Reports
  • Enhanced Nessus Interpretation and License
  • Ticketing System for tracking remediation activities

 

Web Application Vulnerability Assessment

We will audit your key web applications using OWASP standards and provide you with a report that will detail all remediation needed to secure the applications. We use a number of the industry's best tools. These tools can be run remotely and provide information on a number of known exploits including:

  • Cookie poisoning - Identity Theft
  • Hidden field manipulation - eShoplifting
  • Parameter tampering - Fraud
  • Buffer overflow - Closure of business
  • Cross-Site scripting - Hijacking/Breach of trust
  • Manipulation of SQL statements
  • Backdoor and Debug Options - Trespassing
  • Forceful browsing - breaking and Entering
  • Stealth commanding - Concealed Weapons
  • 3rd party manipulation - Debilitating a site
  • Known vulnerabilities - Taking control of a site