Vulnerability Assessments and Penetration Testing

Identify which type of engagement is right for your organization

From checking compliance boxes for annual Vulnerability Scans and Penetration Testing, to developing a deep understanding of your security program, our assessments and tests have you covered.

Vulnerability Scan

A quick security assessment of your business’ assets

A vulnerability scan provides a quick IT security assessment of your business’ external or internal assets or web applications to determine if there are flaws in their design or configuration that negatively affect their security. Businesses that are actively developing or changing the configurations of their networks or the designs of their web apps should consider running vulnerability scans before launching major changes or updates to their networks or web apps. If development is outsourced to a third-party, running a vulnerability scan is a good way to quickly check if the product was developed with security in mind.

Vulnerability Assessment

Scan combined with recommendations and analysis

Vulnerability assessments are vulnerability scans combined with a detailed analysis of the results with recommendations on how to fix the vulnerabilities and the recommended priority that should be placed on addressing the identified vulnerabilities. Vulnerability assessment will provide a report that includes the results of the vulnerability scan, the order in which the results should be addressed, and the recommended action that should be taken to address each vulnerability identified.

Penetration Test

Discovers how your vulnerabilities can be exploited

Penetration tests expand on the work completed in vulnerability assessments and provide additional insight into how the vulnerabilities identified in your network could be exploited. Understand the amount and type of information a hacker could feasibly extract from your business as a result of exploiting the existing vulnerabilities in your network. Receive insight on the true level of risk your web-facing assets are posing to your business, your vendors, and your customers.

Purple Team

Test your IT response team’s ability to identify and defend against attacks

In a purple team engagement Soteria will perform controlled, Red Team actions on specified assets and assess the effectiveness of your Blue team’s reaction to the security events. Soteria will propose and develop testing scenarios and desired outcomes, then execute the exercises. The process leading up to the actual tests will include the planning and development of defined tasks designed to effectively evaluate Blue Team actions and remediation efforts against a security attack, while not disrupting services.

Dive deeper into learning about the IT security assessments offered by Soteria:

Assessment Guidebook

Explore our other services:

Ready to discuss how Soteria can assist your organization?

Contact Us