Vulnerability Assessment

Vulnerability assessments will identify known vulnerabilities within the network, operating system, web application framework, and web servers through the use of automated scanning tools. The results can give you an overall picture of the vulnerabilities present on your network and assist in vulnerability risk management.

Centurion uses multiple industry leading vulnerability scanning software to identify known vulnerabilities within your organisations Internet facing or internal network. Automated vulnerability scanning tools commonly produce false positives due to their inability to replicate a manual assessment. Centurion combines the identified vulnerabilities from different tools to review and remove all false positives identified during the vulnerability assessment, in order to provide your organisation with concrete results to accurately identify vulnerabilities.

We go beyond simply running automated commercially available vulnerability scanning tools to incorporate aspects of the reconnaissance phase of our network penetration testing methodology such as manually identifying alive hosts without triggering intrusion detection systems (IDS).

Bypassing intrusion detection and prevention systems often involves a low and slow approach to identifying open ports on the target systems. Centurions vulnerability assessment capabilities overcome the traditional constraints of a low and slow approach by scanning your Internet facing network from many distributed servers spread out across the Internet. This gives your organisation the ability to assess its Internet facing assets from a global, Internet wide perspective, combined with techniques designed to evade monitoring, detection, and the attention of security operations center.

Centurion works with your information security managers to provide effective reporting of identified vulnerabilities into your organisations vulnerability management solution. This reduces the management overhead caused by vulnerability assessment vendors and third party tools producing hundreds of pages of vulnerabilities in an unmanageable PDF or word report.