IT Security Consulting

Vulnerability Assessment

A vulnerability assessment is the process of determining how effectively an entity meets specific security objectives.  Three types of methods may be used to accomplish this assessment;  scanning, examination, and interviewing.  

  1.  Scanning:  Scanning includes network discovery, network port and service enmeration, vulnerability scanning, wireless scanning, and application security examination.
  2.  Examination:  Examination techniques are used to evaluate systems, applications, networks, policies, and procedures to discover vulnerabilities, and are generally conducted manually.  They always include documentation, log, ruleset, and system configuration reviews, network sniffing, and file integrity checking.
  3.  Interviewing:  Interviewing is the process of conducting discussions with individuals or groups within an organization to facilitate understanding, achieve clarification, or identify the location of evidence. 

Security assessments have specific objectives, acceptable levels of risk, and available resources.  Before starting the Vulnerability Assessment, we work with our customers to define assessment objectives and we taylor our approach accordingly.  

The Baker Business Center follows a repatable and documented Vulnerability Assessment methodology outlined in  NIST document 800-115.   Our skilled assessors follow the NIST standard, which allows us to maximize the value of the assessment by providing our customers with consistant and structured review.   We employ vulnerability assessment processes that minimize risk which include, but are not limited to, using skilled assessors, developing comprehensive assessment plans, logging assessor activities, performing testing off-hours, and conducting tests on duplicates of production systems (e.g., development systems). 

Last, to ensure that vulnerability assessments provide maximum value, organizations should conduct root cause analysis upon completion of an assessment to enable the translation of findings into actionable mitigation techniques. These results may indicate that organizations should address not only technical weaknesses, but weaknesses in organizational processes and procedures as well. 

Have A Question About Our Vulnerability Assessment Service?

For more information, call us at 904-397-0458 or email us at 

Store Hours

  • Tue
    Jul 23

  • Wed
    Jul 24

  • Thu
    Jul 25

  • Fri
    Jul 26

  • Sat
    Jul 27

  • Sun
    Jul 28

  • Mon
    Jul 29