Trainings
We provide specific training sessions in order to help you get the best out of our VulnIT products.
The following training modules may be combined according to your needs:
- Software usage
- Running the software,
- Reading the report,
- Understanding the issues potentially detected by the software,
- usage precautions,
- Advanced usage
- Parameterization,
- Wordlists,
- Black box vs. White box,
- Methodology
- Risk management (ISO 27005),
- Assessment plan,
- Test scope,
- Risk calculation,
- Action plan.
Assessment plan
Before starting a technical assessment, you may first identify all your assets (servers, workstations, network devices, printers, etc) and determine their value in order to prioritize the tests and prepare for the action plan.
This step consists in:
- identifying your infrastructure by crossing your inventory with the assets extracted from the discovery tool provided by VulnIT, then
- assess the value of each asset, depending on the operational dependancy to the service or the criticality of the information.
At the end of this step, the assessment plan formalizes the test campains to be carried out during the year.
Action plan
Once the tests have been executed (on all your infrastructure or part of it), the vulnerabilities identified on each asset lead to an action plan.
To do so, each vulnerability detected by VulnIT must be balanced with the asset value (determine during the first 'assessment plan' phase) in order to evaluate the real final risk of each vulnerability and decide an action plan (either accept the risk or mitigate/remediate it).
Do not hesitate to contact us for more information.