Infrastructure Vulnerability Analysis

Security assessment of technology assets identified by IP address to identify, quantify, and prioritize vulnerabilities.

What is the Infrastructure Vulnerability Analysis service?

The vulnerability analysis service is designed to identify, quantify, and assess the risk level of weaknesses in the infrastructure before they are identified by a potential attacker. Using automated tools and manual techniques, insecure configurations, missing security patches, unsupported versions, and multiple vulnerabilities can be detected. This service is executed from a Gray Box perspective; scans are run from a node on the internal network or through VPN access.

With our service, organizations can expect:

This service will provide the client with information related to the risk level of each identified vulnerability, as well as recommendations to mitigate them, enabling better decision-making when prioritizing or executing a Vulnerability Management plan to reduce the organization's exposure to attack.

Service Deliverables

Executive Summary (Executive Presentation): Analysis Scope, Summary of findings by risk level, Most vulnerable assets, Root cause remediation recommendations
Vulnerability Matrix: CVE, Risk Classification, Vulnerable Asset, Vulnerable Service, Vulnerability, Description, Mitigation Recommendation

Code AVI

Business Line Cybersecurity

Category Cyberintelligence

Consultant Eduardo Salmerón

Methodology Penetration Testing Methodology

Scope Technology assets by IP address

Execution Time

Without credentials

01-50 assets: 04 business days 51-100 assets: 08 business days 101-150 assets: 12 business days

With credentials

01-50 assets: 06 business days 51-100 assets: 12 business days 101-150 assets: 18 business days

Request service