Guardian’s vulnerability scans and vulnerability assessments search systems for known vulnerabilities, may be scheduled on a regular basis, and is a built-in function of our managed SOC solution.
Guardian’s penetration test is powered by Qualys and attempts to actively exploit internal and/or external weaknesses in your environment. While a vulnerability scan can be automated, a penetration test requires various levels of expertise and is typically conducted bi-annually or annually.
Regular vulnerability scanning is necessary for maintaining information security. Guardian believes regular scans of high usage systems is imperative to protecting your organization. Any changes to the equipment should immediately be followed by another vulnerability scan. The scan will detect issues such as missing patches and outdated protocols, certificates, and services.
Penetration tests are best conducted by a third-party vendor rather than internal staff to provide an objective view of the network environment and avoid conflicts of interest. Various tools are used in a penetration test, but the effectiveness of this type of test relies on the tester on the tools being used. Guardian will ensure these tests are thorough and accurate, however we will not compromise the environment and take every precaution to not create unintended downtime.
We will ensure our report is useful and accurate. Guardian will provide a summary of any vulnerabilities identified as well detailed appendices describing the vulnerability and any know solutions for closing those gaps.