Technical assessments are essential for an organisation to identify technical flaws within its network infrastructure or applications. Assessments are carried out from a viewpoint of a potential weakness in the system and the risk of it being exploited by both an insider and external attackers, and helps the management to devise a strategy on the countermeasures to be put in place.
A vulnerability assessment is the process of defining, identifying, classifying and prioritising vulnerabilities in computer systems, applications and network infrastructures and provide clients with the necessary knowledge to understand the threats to its environment and mitigate the risks appropriately.
Some of the different types of vulnerability assessment scans which can be run include the following:
Network-based scans - used to identify possible network security attacks. This type of scan can also detect vulnerable systems on wired or wireless networks.
Host-based scans - used to locate and identify vulnerabilities in servers, workstations or other network hosts. This type of scan usually examines ports and services that may also be visible to network-based scans, but it offers greater visibility into the configuration settings and patch history of scanned systems.
Wireless network scans - focus on points of attack in the wireless network infrastructure. In addition to identifying rogue access points, wireless network scan can also validate that a company's network is securely configured.
Application scans - used to test websites in order to detect known software vulnerabilities and erroneous configurations in network or web applications.
Database scans - used to identify the weak points in a database so as to prevent malicious attacks.
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to both find security vulnerabilities and attempt to exploit them.
The process involves gathering information about the target before the test, identifying vulnerabilities, attempting to exploit, and reporting back the findings.
Penetration testing can also be used to test a client's information security policies, its adherence to regulatory compliance, levels of employee awareness and its ability to respond to security incidents.
Technical Surveillance Counter-Measures (TSCM) is the correct name for what is commonly called bug sweeping or counter eavesdropping.
Structured TSCM inspections can be carried out in buildings/rooms, vehicles, aircraft, vessels or other spaces using both technical equipment and a physical search to detect and locate all forms of audio or video eavesdropping deployed in the target search area.