Vulnerability Management and Assessment

Vulnerability Management and Assessment


Vulnerability Assessment is a process that defines, identifies, and classifies the security weaknesses and threats in a computer, network, or communications infrastructure. Vulnerability assessment can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.

Vulnerability Management allows your organisation to obtain a continuous overview of vulnerabilities in their IT environment and the risks associated with them. Only by identifying and mitigating vulnerabilities in the IT environment can an organisation prevent attackers from penetrating their networks and stealing information

The importance of Implementing a vulnerability management process is vital for organisation management to manage risks, by having a well-defined process in place, organisations can obtain a continuous view of the risk associated with the presence of security vulnerabilities in its IT systems. This allows management to take well-advised decisions with regards to remediating actions that could be implemented to reduce the risks.

Through our vulnerability assessment and management, CompPower will analyse and identify security weakness within your IT information systems to determine present vulnerabilities which are at risk of being exploited. CompPower will present you with a thorough report with our recommendations on how to resolve and mitigate these discovered security vulnerabilities and threats.

Our assessment takes a holistic approach to identifying threats by identifying your technical vulnerabilities, business process gaps, management issues, and your ability to effectively integrate behavioural analytics into your threat assessment process.


Our Vulnerability Assessments include:

  • Uncredentialled Vulnerability Scan
    • Ideal for internal assessment where it scans the system against known vulnerability without using credentials
  • Credentialed Patch Scan
    • Ideal for internal and external assessment where it authenticate to hosts and enumerate missing patches and updates
  • Malware Detection Scan
    • Scans Windows and Linux systems for known malwares and suspicious behaving files
  • Sensitive Data Scan
    • Scans Windows and Linux systems for sensitive data such as (credit card details, Personal Information, Intellectual Property)
  • Cloud Infrastructure Audit
    • Audit the configuration of a third-party cloud services
  • Mobile Device Manager (MDM) Config Audit
    • Audit the configuration of Mobile Device Managers (MDM) against best practice
  • Offline Configuration Audit
    • Ideal for auditing network devices configuration against best practice without affecting the system performance
  • Internal PCI-DSS Network Scan
    • Perform PCI-DSS vulnerability scan on the internal network. Ideal for monthly PCI-DSS compliance scan
  • External PCI-DSS Scan
    • Perform PCI-DSS vulnerability scan on the external network. Ideal for quarterly PCI-DSS compliance scan
  • Policy Compliance Auditing
    • Audit the system configuration against known compliance baseline such as (PCI-DSS, HIPPA, CIS, NIST, NSA, ISO 27002/17799, ITIL)
  • Web Applications Scan
    • Scans the web applications\websites for published and unknown web vulnerabilities


CompPower follows a well-proven Vulnerability Management process that include:

  • Preparation and information gathering
  • Vulnerability Scan
  • Identify Remediation Actions
  • Implement Recommended Remediation’s
  • Vulnerability Re-scan


For more information, please contact us on 02 8003 5511 or email