Vulnerability Assessment

Avoid attacks by identifying your network’s vulnerable systems and versions


Vulnerability assessment is at the foundation of creating a proactive information security program, moving beyond reactive measures like firewalls to start to actively identify, assess and respond to new vulnerabilities and improve the capacity to manage future incidents.

Typically, vulnerability assessment starts with a reconnaissance phase, during which important data regarding the target systems and resources is gathered. It also helps you target the range of IPs. You can then incrementally focus on specific network segments and assets of interest. Vulnerability assessments are required for many compliance regulations – such as PCI and HIPAA.

Managed Vulnerability Scanning

Vulnerability scans are a critical component that can help reduce your network’s attack surface, but they require a great deal of technical resources and skill to be set up, secured, and maintained. If not managed and maintained, results can be filled with false-positives that can waste your time, and false-negatives that give you a false sense of security. EventTracker offers a managed Vulnerability Assessment Service (ETVAS) to simplify the process at a cost-effective price. Some of the benefits you'll enjoy are:

Experts on hand

Our vulnerability scans are backed by up-to-date intelligence and performed by our in-house security experts for the most effective scan

Prioritization of what’s exploitable

We correlate your data with multiple threat intelligence feeds to monitor and prioritize vulnerability remediation while keeping in mind the value of your assets, so that you can plug the most important holes first

Scheduled scans

You pick when you want your scans to occur so that they don’t interfere, but still allow for continual monitoring

Accurate results

Using an expert-backed solution means that you have the most accurate results, not false positives that waste your time

Remediation recommendations

After a scan is performed, our team of security experts will provide remediation recommendations so you know how to fix your vulnerabilities

Detailed reports and dashboard

All of your scans and reports are integrated into a customized dashboard so that you can view and track results over time

Configuration Assessment using SCAP

ETVAS's Configuration Assessment capability compares your existing configuration against baselines from FDCC, USGCB, DISA, or the USGCB. Secure configuration is an economical method to reduce attack surface.
The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation. ETVAS's SCAP capabilities include all the NIST-mandated output formats applicable to SCAP v.1.2 specifications for both OVAL-compliant Vulnerability, Patch and Software Inventory assessments, and XCCDF-compliant Configuration assessment. SCAP-compliant output can be generated to determine Pass/Fail results, as well as deliver reports according to the latest standards like Asset Reporting Format (ARF), XCCDF and Cyberscope report formats for FISMA compliance reporting.

How it Works

EventTracker experts will work with you to identify and group assets

You determine how often you want your vulnerability scans to occur

Results and remediation recommendations go to your Reports Dashboard

You’ll get trend reports that show new, remediated or unchanged vulnerabilities

Let's Talk

Tell us about your security goals and challenges and we will work together to come up with the best solutions.

Contact Me

See EventTracker in action!

See EventTracker in action!

Join our next live demo June 3rd at 2:00 p.m. EST.

Register Here