What is a Network or Infrastructure Vulnerability Assessment?
A network or infrastructure vulnerability assessment identifies common security issues within an organization's internal systems. These assessments uncover risks in workstations, printers, servers, networking devices (such as switches, routers, and access points), mobile devices, industrial equipment, or any device with an IP address. Assessments may be fully automated or semi-automated. Automated scans use software to detects vulnerabilities and generate downloadable reports. Semi-automated scans incorporate human oversight to validate findings, eliminate false positives, and identify real risks.
-
Advantages:
- Fast results
- More affordable than a full Pentest
- Suitable for continuous infrastructure monitoring
-
Disadvantages:
- May produce false positives or false negatives
- Less comprehensive than a full Pentest
- Recommendations tend to be generic
False Positive: A vulnerability is reported but does not actually exist.
False Negative: An existing vulnerability is not detected.
Assessments can be performed with or without credentials. Granting administrative credentials increases scan depth and improves detection accuracy.
When should you perform a vulnerability assessment?
It is recommended to perform a vulnerability assessment if no prior testing has been conducted, or when frequent changes to infrastructure occur, such as adding or removing devices, applying new configurations, or patching systems. However, relying solely on automated vulnerability assessments is not ideal. A penetration test or ethical hacking engagement provides a more complete picture of your security posture.
What kind of testing does kolibërs offer?
Kolibërs offers semi-automated vulnerability assessments using both licensed and open-source tools. Our team adds a human layer to reduce false positives and negatives, and to produce tailored reports. While this makes our assessments slightly slower, it also ensures better accuracy and insight. Clients may choose to provide credentials to increase scan depth.
What is the cost of a network vulnerability assessment?
We offer packages starting from $5,000 MXN, designed to support small and medium-sized businesses.
Contact us via WhatsApp for more information.
Why are your prices so affordable?
Our mission is to improve the regions cybersecurity posture. We work hard to make high-quality services accessible to to small and medium-sized businesses (SMBs).
Are your services certified?
While experience is our most valued asset, we recognize that certifications help build trust. Our engineers hold one or more of the following certifications:
- GPEN - GIAC Penetration Tester
- GWAPT - GIAC Web Application Penetration Tester
- CEH - Certified Ethical Hacker
- CISSP - Certified Information Systems Security Professional
- OSCP - Offensive Security Certified Professional
- AWS Certified Solutions Architect
What will you receive in the assessment report?
Kolibërs delivers a technical report that includes:
- A list of identified vulnerabilities, rated by risk and likelihood
- Description and location of each vulnerability
- General remediation recommendations
