Vulnerability assessments involve an automated process using commercial or freely-available software to provide a shallow but quick exploratory view of the network. These automated tools can miss about 40% of the security risk so they alone do not adequately assess risk. Furthermore, about half of the findings from a vulnerability scan are false positives.
A vulnerability assessment is a complete service offering of its own; however, it does provide some value in the early reconnaissance phase of a more comprehensive network assessment so a vulnerability scan is a part of all of our testing efforts. At Caesium55, manual analysis is at the heart of all of our assessments; which not only gives you confidence that you have a complete view of your security risk, but provides tailored reporting and recommendations enabling simple workarounds and cost-effective mitigation strategies for most security issues. Caesium55’s penetration testing service is actually a combination of a vulnerability scan/assessment, a penetration test, remote password checking, manual analysis and reporting by expert security engineers.