#
Vulnerability Assessment
#
Scoping questions
To scope a vulnerability assessment, here are some of the questions we'll need answered:
- How many (approximately) live IPs are in scope for the assessment?
- Are you looking for a point-in-time assessment, or long-term vulnerability management (or both?)
- For internal network vulnerability assessments, will it be possible for 7 Minute Security to be provisioned a temporary domain administrator account to conduct our assessment?
Without doing authenticated scanning, we cannot see registry entries and patch levels on target systems. In this configuration, our assessment will only see the "surface" of each system and thus your assessment results will give a false sense of security.