Vulnerability Assessment

Identify your vulnerabilities— before attackers do. Conduct a comprehensive examination of your systems, and receive a prioritized, detailed list of vulnerabilities and recommendations with our vulnerability assessment tools and services.

Thomason Tech’s vulnerability assessment services include:

  • External vulnerability assessment: Test your Internet-facing systems
  • Internal vulnerability assessment: Check your internal network
  • Routine examinations (ie. quarterly, semi-annual or custom)
  • Comparison with prior assessments
  • Letter of attestation that you can provide to third parties

At Thomason Tech, we use a combination of detailed manual testing, in addition to automated scanners and specialized vulnerability assessment tools, to ensure that we comprehensively identify issues. Often, we find security holes that automated scanners — and other security companies — do not. Our testers are trained to think outside the box (just like hackers) and stay up to date on the latest vulnerabilities. You receive a report with detailed results, risk ratings, as well as descriptions of impact and prioritized recommendations.

External Vulnerability Assessment

Test the security of your Internet-facing servers.

Thomason Tech’s team of GIAC-certified testers examines your Internet-facing servers for security flaws. Testing begins with automated service enumeration and software fingerprinting. Next, Thomason Tech uses automated vulnerability assessment tools to identify known vulnerabilities in your servers. Our professional vulnerability scanning tools are always kept up-to-date and check for tens of thousands of known vulnerabilities.

Subsequently, Thomason Tech’s experienced and creative consultants manually examine your systems for security issues, logic flaws, authentication bypass issues, and other vulnerabilities. In this manner, we identify issues that automated scanners do not detect—but hackers can.

Many vulnerability scanners produce “false positives” due to incorrect service banners or other errors. Thomason Tech manually checks high-risk issues to reproduce the vulnerability whenever possible and weed out false positives.

Finally, our consultants evaluate the results of automated scanners and manual assessment and provide you with an analysis of the root causes. This provides you with the greatest value from your investment.

Internal Vulnerability Assessment

Check the security of your internal network.

Comprehensively test your internal systems for vulnerabilities, in order to prevent worm outbreaks, foil insider attacks, and ensure compliance with regulations.

Thomason Tech’s testers arrive onsite at your facilities and attach to the network at the location of your choice. From the inside, Thomason Tech conducts comprehensive port scanning and service fingerprinting, and identifies known vulnerabilities in your internal systems. This includes a detailed manual examination of your internal network. Thomason Tech weeds out false positives so that you can remediate issues more efficiently. You receive a detailed report with prioritized recommendations. You can use your report as a roadmap for improving your security posture.

Routine Examinations

Conduct routine vulnerability assessments and catch security issues quickly.

Thomason Tech routinely checks your systems for new vulnerabilities that have emerged since the last vulnerability test, and provides recommendations for remediation. This is an excellent way to ensure that security issues are identified and remediated in a timely manner. You may choose quarterly, monthly, or custom time intervals.

As part of the routine check, Thomason Tech conducts a port scan and vulnerability scan of external systems using automated tools, and compares the results with previous assessments. New high-risk issues are manually verified. Thomason Tech provides a report summarizing changes in security posture since the last check, as well as the scanner results and prioritized recommendations.

Get answers and advice

Our goal is to answer all your questions in a timely manner.