IT Security Consulting

Vulnerability Assessment

A vulnerability assessment is the process of determining how effectively an entity meets specific security objectives.  Three types of methods may be used to accomplish this assessment;  scanning, examination, and interviewing.  

  1.  Scanning:  Scanning includes network discovery, network port and service enmeration, vulnerability scanning, wireless scanning, and application security examination.
  2.  Examination:  Examination techniques are used to evaluate systems, applications, networks, policies, and procedures to discover vulnerabilities, and are generally conducted manually.  They always include documentation, log, ruleset, and system configuration reviews, network sniffing, and file integrity checking.
  3.  Interviewing:  Interviewing is the process of conducting discussions with individuals or groups within an organization to facilitate understanding, achieve clarification, or identify the location of evidence. 

Security assessments have specific objectives, acceptable levels of risk, and available resources.  Before starting the Vulnerability Assessment, we work with our customers to define assessment objectives and we taylor our approach accordingly.  

The Baker Business Center follows a repatable and documented Vulnerability Assessment methodology outlined in  NIST document 800-115.   Our skilled assessors follow the NIST standard, which allows us to maximize the value of the assessment by providing our customers with consistant and structured review.   We employ vulnerability assessment processes that minimize risk which include, but are not limited to, using skilled assessors, developing comprehensive assessment plans, logging assessor activities, performing testing off-hours, and conducting tests on duplicates of production systems (e.g., development systems). 

Last, to ensure that vulnerability assessments provide maximum value, organizations should conduct root cause analysis upon completion of an assessment to enable the translation of findings into actionable mitigation techniques. These results may indicate that organizations should address not only technical weaknesses, but weaknesses in organizational processes and procedures as well. 

Have A Question About Our Vulnerability Assessment Service?

For more information, call us at 904-397-0458 or email us at 

Store Hours

  • Tue
    Jun 22

  • Wed
    Jun 23

  • Thu
    Jun 24

  • Fri
    Jun 25

  • Sat
    Jun 26

  • Sun
    Jun 27

  • Mon
    Jun 28