During the penetration testing AXEN uses the official guide of the German Information Security Agency (BSI) and the OWASP testing methodology. The tests are conducted by an ethical hacker holding industry leading (OSCP and CEH) certifications.
WHAT IS VULNERABILITY ASSESSMENT?
Vulnerability assessment is a technical assessment with the goal of discovering a great number of vulnerabilities and help to eliminate them.
The assessor is using top of the line automated tools and manual methods in order to discover vulnerabilities and thoroughly document them.
In the early stages of development it is essential to do a vulnerability assessment in order to minimize the risk of hacker attacks or data breaches.
WHAT ARE THE ADVANTAGES OF A VULNERABILITY TEST?
Vulnerability assessments help eliminate common vulnerabilities in applications and systems, making them more secure. If your Business never had a vulnerability test, then it is essential to get one,
It is the most energy and cost effective way to minimize Risk. If it is associated with a Penetration Test and a Managed Bug Bounty program, the business can comply with the greatest security standards.
Vulnerability assessment reveals a great range of vulnerabilities and ranks them by severity. A test can detect high impact vulnerabilities such as Remote Code Execution (RCE) or File Inclusion (LFI/RFI) on time and mitigate them. Client side testing is a vital part of the assessment, it detects Cross Site Scripting (XSS) and many lower impact bugs.
- BSI Guide
- OWASP Testing Guide
- OWASP Top 10
- SANS Top 25
We are using top of the line tool during our tests.
- Nessus
- Nexpose
- Burp Suite professional
Axen is doing vulnerability assessments in the following areas:
- Web Applications
- Mobile Applications
- Networks
- IoT Devices
Vulnerability Assessment brings the greatest value during low to medium security companies or during the early to middle stages of the development cycle. If a business was never tested before, it is a necessary step to do one in order to secure it.
If you are confident, that your company is secured, the next step would be to do a Penetration Test to assess the implemented security in real life without the unpleasant consequences.