SecureWorks approaches every vulnerability assessment as unique to each organization.
Unauthorized access to company resources using existing vulnerabilities is a serious security concern. Identifying, quantifying and prioritizing security vulnerabilities in an environment can be a difficult process without the proper methodology, skills and tool sets. Illuminating these vulnerabilities, as well as providing the appropriate mitigation procedures, helps to reduce or eliminate them, bringing risk down to an acceptable level.
In this video, Nate Drier, SecureWorks Security Analysis Consultant, gives you an overview of the SecureWorks methodology for Vulnerability Assessments and describes what you can expect in your engagement and subsequent reporting to help you take actionable steps toward securing your network.
Hi, I’m Nate and I’m here to talk about Vulnerability Assessment Methodology.
So we’ve got our network here, and you can see up top we have the internet. Everything north of this dotted line is an external network, publicly accessible from your nearest local coffee shop Wi-Fi connection, and everything below this dotted line is internal to the client or customer network that has normal things like workstations or databases. And on this line we have a web server connected to the internal network, probably through a DMZ somewhere, but it is also published to the internet; anyone can access this external website.
So for a vulnerability assessment, we use a suite of automated tools. We are just going to scan the outside perimeter of this web server. We’ll look at the port side, we’ll look specifically at the software that’s running on this server and look for known issues and vulnerabilities, and those will be organized, validated and delivered in a report. With that you get a decent amount of coverage. We are not just looking for just critical issues or medium-risk issues; we’re trying to look for and group all of the issues that will impact the security of your organization whatsoever. When we find those issues, we will validate them, but we’re not penetrating into that machine, we’re not pivoting; we’re just providing a list of potential security issues in that system or all systems that were in scope.