Internal Vulnerability Scanning

Internal vulnerability scanning shows you which vulnerabilities an attacker could abuse if they have compromised your external network.

Whilst strong external security and frequent scanning can help prevent most attacks, malicious actors and cybercriminals look to exploit other avenues, such as yourself. Social engineering, phishing emails, and even attempts to physically gain access to office spaces are becoming increasingly popular.

Knowing your internal assets are frequently scanned and issues mitigated means a reduced risk of having sensitive data exfiltrated, ransomware attacks, or full system compromises. It also means less chance of reputational damage, legal consequences, or a disruption in business operations.

What’s Included

Network Scanning

The vulnerability scanner scans the network infrastructure to identify devices, servers, routers, switches, firewalls, and other networked components. We use Nessus as well as in-house tools.

Port Scanning

The scanner identifies open ports and services running on each networked device. It determines which ports are listening for incoming connections. Find out here if you have unexpected ports accessible.

Service Identification

The scanner identifies the specific services and applications running on each open port. This helps to determine the attack surface and potential vulnerabilities associated with each service.

Vulnerability Detection

The scanner identifies known vulnerabilities and security weaknesses in the scanned systems and applications. It compares the fingerprinted services and applications against a database of known vulnerabilities, exploits, and misconfigurations.

CVE (Common Vulnerabilities and Exposures) Matching

The scanner correlates identified vulnerabilities with entries in the CVE database, which provides standardized identifiers for known security vulnerabilities. This helps prioritize remediation efforts based on the severity and impact of each vulnerability.

Continuous Monitoring

Establish continuous scanning processes to regularly assess your business’s exposure to cybersecurity exploits and data breaches.

Reporting

The scanner generates detailed reports summarizing the findings of the vulnerability scan. Reports typically include a list of identified vulnerabilities, their severity ratings, recommendations for remediation, and prioritization guidance based on risk assessment.

Prioritised Fix List

We manually review the findings from each vulnerability scan and produce a prioritised list of the findings that should be addressed first.

Steps To Internal Success

1. Choose Your Plan

If you want to test just your External Attack Surface – Choose Basic!

Need internal scanning too? – Choose our Advanced or Enterprise Options

2. Sign The ROE

After a successful payment, you will be asked to complete a Rules of Engagement (ROE) form. Don’t worry, there aren’t that many questions to answer. This form allows you to tell us what we are allowed to target.

3. Remote Access

We need a device on your internal network to access and run scans from.

  • Physical Device – We can build and ship out a physical device you plug straight into your network.
  • Virtual Machine – Use virtualization software such as VMware, VirtualBox, or Hyper-V? We can provide you with images to install that will allow us remote access.
  • Cloud-Based – AWS or Azure? We have detailed instructions that can help you set up a machine for us to administer.

4. We Start Scanning

Any external scanning options will begin as soon as we confirm receipt of the signed ROE.

OSINT is also performed at this stage. You’re close to the results already!

5. Results

As soon as the scans have finished, we will be working on the reports and aiming to have them with you as soon as possible.

Here, you’ll get a full Nessus Vulnerability Scan report, as well as a detailed report which removes all of the fluff and shows you which issues should be remediated as a priority.

6. Fix The Issues

With our detailed reports, you should have no trouble fixing any identified issues. Whilst you take care of improving your security posture, we will already be configuring your next scan, and tweaking it should it be necessary.

7. Repeat

Unless your external targets have changed, we will repeat the vulnerability scanning process. You’re now much further ahead than most!

Got a clean report? Time to check out our other service offerings, but remember to keep having your external targets scanned, as new vulnerabilities come into existence each day!