Vulnerability Assessment
Vulnerability assessment involves proactive scanning of Internet-connected
host(s) to ensure that it is not vulnerable to any known methods
of attack. Fixing the vulnerabilities discovered during scanning
enhances the existing security posture and helps prevent unwanted
intrusions – both on network perimeter and internally. It helps
organizations implement the tools, methodologies and best practices
required to address today's dynamic vulnerability landscape and
compliance with internal policies and external regulations.
BrickLogix's security assessment services include -
Security Assessments Services
Penetration Testing
External Vulnerability Assessment
Internal Vulnerability Assessmentt
Web Application Security Assessment
Emergency Response Services
Information Security Assessment (ISA)
Regulatory Compliance Assessment Services
FISMA Compliance
Payment Card Industry (PCI) Assessment
SCADA security assessment
Wireless security assessment
Additional Security Services :
Security Policy development
Regulatory compliance strategy
Network architecture design services
Technology implementation planning
The following lists various reliable sources for security vulnerabilities
information -
OWASP
Top Ten - The OWASP Top Ten provides ten most critical Web
application security flaws.
CWE/SANS Top 25 - Consensus
list of the 25 most dangerous programming errors.
WASC Web
Security Threat Classification - List of Web security threats.
National Vulnerability Database
NVD is the U.S. government repository of standards based vulnerability
management data represented using the Security Content Automation
Protocol (SCAP).
National Cyber
Alert System offers a variety of security information and
bulletins for users with varied technical expertise. A subscription
of products ensures that you have access to timely information
about security topics and threats.
Sans Top 20 SANS/FBI
consensus list of the Twenty Most Critical Internet Security Vulnerabilities
that uses CVE-IDs to identify the issues.
CVE Common Vulnerabilities
and Exposures List, CVE® is a dictionary of publicly known
information security vulnerabilities and exposures. CVE is International
in scope and free for public use.