Vulnerability Assessment
CYBERSECURITY VULNERABILITY ASSESSMENT
A Cybersecurity Vulnerability Assessment enables an organization to have global visibility into where your IT assets are vulnerable and how to protect them. LCM uses Qualys to provide this service. With Qualys, you can quickly determine what’s running in the different parts of your network—from your perimeter and corporate network to virtualized machines and cloud services such as Amazon EC2. Uncover unexpected access points, web servers, and other devices that can leave your network open to attack.
Get Started on Your Vulnerability Assessment
APPROACH TO CYBERSECURITY VULNERABILITY ASSESSMENT
Using Qualys, LCM initially performs both an internal and external scan of the infrastructure. A report of findings will be provided after the initial scan, at which point the customer will be given a 30-day window to remediate the cybersecurity vulnerabilities that were discovered. After the 30-day window, a re-scan will be performed to give an updated view of any remaining vulnerabilities. Another report of findings will be provided after the re-scan has been completed.
In addition to the report documents, LCM Security will answer any questions or provide remediation advice based on the findings.
LCM recommends that a Vulnerability Assessment be completed in five phases:
Engagement Kick-off Meeting
Initial Scanning Activities
Presentation of Initial Findings
Remediation Re-scan
Presentation of Re-scan Findings
CYBERSECURITY VULNERABILITY ASSESSMENT DELIVERABLES
A report of findings for the initial scan as well as re-scan consisting of:
Scan Summary Report: Report of findings outlining all of the vulnerabilities that were discovered along with recommendations from LCM Security.
Detailed Scan Results Excel Working Document: An excel spreadsheet view of all the found vulnerabilities. The results are based on the following criteria:
Hostname / IP Address
Criticality Level
Impact
Solution (Remediation steps)
Scan Details Documents: Raw results from the scanner in PDF format sorted by Cybersecurity Vulnerability. This document is meant to provide additional information beyond what is available in the summary report or excel working documents.
CYBERSECURITY VULNERABILITY ASSESSMENT DELIVERY TEAM
Lead Assessor: An Information Security expert, possessing various certifications and a degree in information security. The assessor has a thorough understanding of the Cybersecurity Vulnerability Management process and a deep knowledge of the technologies being reviewed.
Virtual CISO: An Information Technology leader with over 20 years of experience in Cyber Security consulting and Managed Security Services, with CISA and CRISC certifications.
Report Writers: Will develop final reports based on the findings of the assessment.