Remote Vulnerability Assessment
The MOREnet Remote Vulnerability Assessment Service is a study of your organization's publicly visible Internet presence. The assessment, performed over the Internet, looks for signs of vulnerabilities that could pose a risk if not addressed. Essentially, MOREnet's Security staff provides a "hacker's" view of your public network, allowing you to exercise due diligence in planning and to secure it against current threats.
MOREnet's Remote Vulnerability Assessment staff includes a GIAC Systems and Network Auditor (GSNA) and a Certified Information System Security Professional (CISSP). All staff members are full-time members of MOREnet's event response team. Each staff member is well-seasoned in working with current security tools, attacks, trends and best practices.
Since new vulnerabilities are discovered on a daily basis, MOREnet's Security Team researches and reviews new security tools and methodologies that can be used to collect data on member networks. The data gathered is used to provide members with a clear, non-biased view of the current status of the network upon which to base a risk assessment.
Based on the results of the vulnerability assessment, the MOREnet Security Team creates a report of the findings with recommendations for actions that the site should take to remedy or mitigate vulnerabilities discovered during the review. The tests generally take a week or less. Testing time may increase if members have large networks, firewalls, traffic filters or local network conditions that prevent prompt responses to the tests.
This service does not include:
- An exhaustive search for forbidden file types
- Compliance auditing
- Penetration testing (beyond verification of assessment results)
- Web space content issues
- Password cracking
- Social engineering
- Virus risk assessment
- Private network assessment
- Patch management
- Assessment of unavailable devices
Since the assessment process can only evaluate devices that are currently online, it is important to participate in the process at regular intervals. Your participation will ensure that new devices, including those that were offline previously, are assessed.
All MOREnet members can obtain this for-fee service.
Purchasing the Service
For more information about this service and pricing details, contact MOREnet Security or your Program Manager.
Remote Vulnerability Assessment Pricing
Pricing depends on the scope of the project. Please contact MOREnet Security for more information.
Remote Vulnerability Assessment Terms and Conditions
- All services are subject to MOREnet Service Policies.
- Limits of Liability
- MOREnet accepts no liability or responsibility resulting from the work performed in association with this service. As a part of the request process for this service, members will be required to sign a contract releasing MOREnet from any and all responsibility and liability that may arise in connection with this service.
- The MOREnet Security Vulnerability Assessment Service is one important component of an organization's overall security program. Use of this service does not guarantee network security or prevent security incidents but provides administrators with a valuable tool in assessing the vulnerability of their networks to common exploits and misconfigurations.