8/14/2019 Halock ACS - Vulnerability Scanning
Pricing:
Pricing varies based on the size, complexity, and depth of testing.
External (internet accessible) scanning base pricing begins at $2,500 with additional fees based on the number of IP addresses tested.
Internal (private network) scanning base pricing begins at $5,000 with additional fees based on the number of IP addresses tested.
Servers, applications, network infrastructure, and other services, once connected to the network, pose a risk to the organization. Hackers and malicious users, both internal and external, may attempt to exploit these security weaknesses to gain access to sensitive information assets.
Identifying and remediating the risks is critical to protecting the organization at the perimeter as well as throughout the internal environment.
Performed in a collaborative manner, vulnerability scanning identifies and evaluates as many
vulnerabilities as possible across the organization's systems, applications, and underlying
infrastructure. The testing can be performed both internally and externally.
The organization will provide Halock with general information regarding network ranges as well
as specific systems of concern. Halock will map the entire ranges for responding hosts and
perform in-depth vulnerability scanning of responding hosts for security weaknesses such as
vulnerable operating systems, web services, remote access, network service configurations, and
application vulnerabilities. Efforts are focused on those systems or aspects of the environment
that appear to present the greatest potential for gaining access beyond perimeter security
controls.
Solution Overview
Professional Services Included:
Port scanning and network mapping to identify responding systems
Automated vulnerability testing of host, platform, and network devices
Automated vulnerability testing aimed at web application related security issues (e.g. SQL Injection, ASP and CGI script vulnerabilities, Cross-site scripting, Hidden-field manipulation, Authentication vulnerabilities, Session hijacking, Database errors, Directory traversal, and Form field data validation)
Review and analysis of scan results
Selective validation of identified key vulnerabilities
Documentation of Findings
Vulnerability Scanning
Solution At-a-Glance:
In-depth scanning of responding systems, network infrastructure, platforms, and applications can be performed externally (internet accessible), internally (private), or both
Locate and identify responding hosts and services
Detect over 5,500 known vulnerabilities across 500 operating systems, applications, and protocols, ensuring the most comprehensive and complete results
Comprehensive reporting of findings and risks
Identify and document approaches and recommendations to resolve security vulnerabilities
847.221.0200 halock.com
1834 Walden Office Square, Suite 150 * Schaumburg, IL 60173 * 847.221.0200 * www.halock.com
Assessment & Compliance Services Division
Vulnerability Scanning: Scope Worksheet
The total number of IP addresses included in the scope for network discovery is as follows:

LOCATION | NETWORK RANGES
External (Internet Accessible) | Up to _____ Class C (or equivalent) Ranges
Internal (Private) | Up to _____ Class C (or equivalent) Ranges
TOTAL | Up to _____ Class C (or equivalent) Ranges

Following network discovery, hosts and applications will be selected for automated vulnerability assessment. The total responding hosts, as estimated by the organization, are as follows:

ESTIMATED RESPONDING HOSTS
REVIEW METHOD | External (Internet Accessible) | Internal (Private) | Total
Operating System & Platform | Up to ____ IP Addresses | Up to ____ IP Addresses | Up to ____ IP Addresses
Web Application | Up to ____ IP Addresses | Up to ____ IP Addresses | Up to ____ IP Addresses

Special considerations and/or other notes: