Vulnerability Scans and Penetration Test

Vulnerability Scans

Guardian’s vulnerability scans and vulnerability assessments search systems for known vulnerabilities, may be scheduled on a regular basis, and is a built-in function of our managed SOC solution.

Penetration Testing

Guardian’s penetration test is powered by Qualys and attempts to actively exploit internal and/or external weaknesses in your environment. While a vulnerability scan can be automated, a penetration test requires various levels of expertise and is typically conducted bi-annually or annually.

vulnerability scans penetration test

Our Approach

Regular vulnerability scanning is necessary for maintaining information security. Guardian believes regular scans of high usage systems is imperative to protecting your organization. Any changes to the equipment should immediately be followed by another vulnerability scan. The scan will detect issues such as missing patches and outdated protocols, certificates, and services.

Penetration tests are best conducted by a third-party vendor rather than internal staff to provide an objective view of the network environment and avoid conflicts of interest. Various tools are used in a penetration test, but the effectiveness of this type of test relies on the tester on the tools being used. Guardian will ensure these tests are thorough and accurate, however we will not compromise the environment and take every precaution to not create unintended downtime.

We will ensure our report is useful and accurate.  Guardian will provide a summary of any vulnerabilities identified as well detailed appendices describing the vulnerability and any know solutions for closing those gaps.

These services are provided based on IP’s that respond during the scan, not a blanket set of IP addresses. This approach ensures you are only paying for useful data on assets in your organization.

Get a free scan of up to 25 devices to see the value of our approach