What is Vulnerability Scanning
A vulnerability scan is an assessment of possible security vulnerabilities in computers, internal and external networks, and communications equipment that can be exploited by cyber criminals. It is an automated activity that scans infrastructure targets such as IP addresses for known vulnerabilities and misconfigurations. The resulting vulnerability assessment report will help you promptly identify security weaknesses that need to be resolved.
Vulnerability testing is an essential part of mitigating your organisation's security risks. By using a vulnerability scanner to identify the points of weakness in your systems, you can reduce the attack surface that criminals might exploit, focusing your security efforts on the areas that are most likely to be targeted. Vulnerability scans can also help to routinely audit IP address ranges to see if unauthorised services are being exposed or whether redundant IP addresses are being used.
There are two main types of vulnerability scan:
- Unauthenticated scans will find weaknesses in your security perimeter.
- Authenticated scans use privileged credentials to go further, finding security weaknesses in your internal networks.
Whichever type you choose, vulnerability scanning tools will use reference databases of known flaws, coding bugs, anomalies, configuration errors and potential routes into corporate networks that can be exploited by attackers. These databases are updated continually.
What does a vulnerability scan test?
Automated vulnerability scanning tools scan for open ports and detect common services running on those ports. They identify known security weaknesses and configuration issues or other vulnerabilities on those services and determine whether best practice is being followed.
With the Hedgehog vulnerability scanning service, all results are manually verified by a seasoned penetration test and once verified, the report is then generated to highlight the items that have been identified. By acting on these findings, an organisation can improve its security posture.
We offer three levels of vulnerability scanning as a service to cater for all business sizes. Each package runs over 12 months.
Micro / Home Business
£12.00 per month
A monthly Next Generation Vulnerability Scan for up to 2 IP's or URL's for one year. Includes:
- Access to vulnerability management portal
- Scanning for over 129,000 vulnerabilities
- PDF reports
- Suitable for Cyber Essentials Plus
£25.00 per month
A monthly Next Generation Vulnerability Scan for up to 10 IP's or URL's for one year. Includes:
- Everything from Micro/Home Business
- PDF Scan Certificate
- Manual verification of results
- CREST Approved Vulnerability Scanning
£75.00 per month
A monthly Next Generation Vulnerability Scan for Unlimited IP'sor URL's for one year. Includes:
- Everything from Online Business
- Internal and External Scanning
- 1 Internal Scan Appliance
- Launch scans as and when you like