Vulnerability Scans, at Uniserve, aim to identify any systems that are subject to known vulnerabilities through identifying and inventorying all systems such as servers, desktops, laptops, virtual machines, containers, firewalls, switches and printers. For each identified item, the operating system, software installed, along with other attributes such as open ports and user accounts are associated to each item. Once all devices/items are inventoried, each is checked against databases of known vulnerabilities to see if any items are subject to any of the known vulnerabilities.
Penetration Testing is a detailed hands-on review and examination by a cybersecurity analyst that attempts to detect and exploit weaknesses in a business’ systems. Utilizing methods such as password cracking, buffer overflow, SQL injection and even social engineering, analysts will try to compromise the system and extract data to prove that specific vulnerabilities can be exploited.
At Uniserve, though different in nature, vulnerability scanning and penetration testing often go hand-in-hand to provide a much better overall picture of a business or organization’s security posture. With vulnerability scanning providing the high-level information of the IT infrastructure’s weaknesses and the penetration testing providing the more in-depth review to prove the weakness and provide the strategy to close the security holes.