Vulnerability Assessment

Why Vulnerability Assessment is Necessary

As a part of an overall defence strategy, testing the defenses is a key thing. The tests are carried out using multiple techniques and consist of conducting:

  • Vulnerability Assessment
  • Penetration Testing

Vulnerability Assessment is conducted to identify known vulnerabilities/ loopholes in your digital ecosystem. This needs to be conducted both as an insider (meaning we are part of your internal ecosystem) and as an outsider (meaning we are a guest trying to see what we can find without any access).

The benefits of conducting this exercise are:

  • The Organization gets to know the areas from which unauthorized access can happen
  • Risk profile goes from unknown risk to partially known risk, which is a great advantage to have
  • Organizations know where the defences need to be mounted

How we do this at Arrka? The Arrka approach is:

  • Identify the organization’s digital footprints
  • Identify potential data leakage scenarios
  • Run a combination of tools and manual scripts to probe for weaknesses
  • Generate a report with recommendations for mitigation (including configuration changes)

We believe all tools, if configured correctly for the mitigation of the risk, perform well. We focus on existing tool configurations first and bring this to an acceptable risk level. For further details, do contact us.

Please note that for getting a complete risk posture, it is optimal to combine Vulnerability testing with: