Internal Vulnerability Assessment

Outsource your vulnerability scan and trust the experts to secure your business

Why Do This?

  • You have to (compliance)
  • You never have (curiosity)
  • You should (due diligence)

What is This?

An expert review and testing of your internal IT security (behind the firewall). We assess how you have architected the network and perform technical scanning to look for the more technical vulnerabilities.

When Should This be Done?

  • At least annually
  • After changes to your configurations
  • After changes to your hardware
  • As you are required to
  • As often as you want

Who Conducts the Assessment?

Seasoned information security professionals. Innotech performs hundreds of these assessments annually; each customized to the organization we assess.

What Regulatory Organizations Require or Promote this Type of Assessment?

  • GLBA (Banking)
  • NCUA (Credit Unions)
  • HIPAA (Healthcare)
  • SOX (Financial)
  • PCI (Credit Card)
  • SSAE16 (SOC 2)

How Exactly is Internal Vulnerability Assessment Done?

A Review of the Network Architecture and Management Practices

  • Network Connectivity
  • Remote Access
  • Directory Services
  • Servers and Storage
  • Workstations
  • Logging and Alerting
  • Vulnerability Management
  • Backup and Disaster Recovery

Vulnerability Scanning on the Internal Network

  • Tests for password policies, system permissions, required auditing and system settings that are common in all networks
  • Tests for user auditing settings, such as their password complexity and logging access failures and logons that are common in all networks
  • Tests conducted against a database of 47,000+ known vulnerabilities
  • Tests for the existence of sensitive files and data leakage
  • Tests against known good configurations

Analysis of the Collected Vulnerability Data

  • Risk analysis and quantification
  • Removal of insignificant data from results
  • Prioritization of the risks identified
  • Recommendations for remediation and ongoing maintenance

How do I Get a Quote?

Talk to Innotech to make sure this is the right kind of testing for you as there are many different types of this testing that you may need to consider. Have ready the number of workstations, users and staff on your network.