Identifying known vulnerabilities means action can be taken to mitigate risks. It is not enough to have a patching policy alone. You can’t be sure you have addressed everything unless you check, so independent verification is a valuable asset to have.
There are two primary options:
1. External vulnerability scanning – required by compliance to be carried out monthly/quarterly. Your public-facing services are checked for known vulnerabilities, so you can take action to address known compromises.
2. Internal vulnerability scanning - required by compliance. Internal scans are carried out monthly to identify vulnerable applications, which is essential to help mitigate compromises.
Pen Testing (Penetration Testing) is generally carried out once a year. It differs from vulnerability scanning in that it is carried out by a skilled, certified individual. It’s a more serious attempt to find compromises and is designed to simulate an attack. Pen testing can be a very broad topic, and you should have at least one pen test per year on external-facing services. It’s required under most compliance standards.
Ridgewall provide a comprehensive range of Cyber Security Services:
- SOCaaS (SOC as a Service)
- Defence in depth strategies
- Gap Analysis / Reviews
- Compliance GDPR, ISO, PCI, FCA, Cyber Essentials
- Protected DNS Services
- Vulnerability scanning
- Pen Testing
- SIEM Solutions
- Monitoring Services 24x7
- Data Loss Prevention
- Data/Endpoint management and Encryption
- Supported 24x7