Vulnerability assessments play a critical role in an organization’s ability to defend against security threats. Partners in Regulatory Compliance (PIRC) helps companies by finding and reporting on weaknesses that hackers could leverage during a cyber-attack. These assessments also are also used to evaluate the effectiveness of technical controls such as certificates, firewalls, encryption, intrusion detection systems (IDS), and authentication mechanisms.
PIRC’s vulnerability assessments adhere to the globally-recognized NIST SP800-115 standard entitled Technical Guide to Information Security Testing and Assessment.
Our vulnerability assessments help you satisfy regulatory requirements around “testing the effectiveness of security controls” as the verbiage goes, in most security regulations and frameworks. During these assessments, we leverage the Tenable Nessus Professional platform, which is the industry’s most widely-deployed assessment solution for identifying the vulnerabilities, configuration issues, and malware that attackers use to penetrate your network.
During these vulnerability assessments, we can identify and report on weaknesses in standard IT infrastructure such as workstations, servers, routers, and firewalls. Additionally, we can also report on vulnerabilities in web applications, Supervisory Control and Data Acquisition (SCADA), and IoT devices such as control systems and sensors.
PIRC will help your organization prioritize cybersecurity remediation efforts by providing concise and actionable reporting that tunes out noise and false-positives. We will report on weaknesses such as missing patches, outdated firmware, unnecessary open shares, default passwords, incorrect permissions, and rogue devices.