Vulnerability Assessment Nullforge offers this service as a standalone assessment or as a supplement after a penetration test engagement. This phase of security implementation is to ensure all common exposures are identified. Our team performs this assessment in a secure public server with industry-leading security assessment tools, during reporting process, we ensure all false-positive findings are eliminated.

Difference between Pentest & VA?

Often times penetration testing and vulnerability assessment gets mixed up. To give a clearer view a vulnerability assessment is mainly to enumerate all common security exposures without attempting to exploit it and prioritize the risk, a typical vulnerability assessment relies heavily on automated scanning tools such as Acunetix, Netsparker, Web Inspect or combination of industry recommended tools. Nullforge team ensures that we validate all automated findings to eliminate false-positive findings.

How Often do you need Vulnerability Assessment?

Frequent vulnerability assessments is always advised but this always depends on your organizational requirements or the nature of your business. This is to ultimately help you achieve a good security posture, protect your assets and reputation. The sooner vulnerability assessment is conducted the minimal window of opportunity for any attackers can leverage both the unknown and known vulnerabilities to your organization that adversaries can exploit. This makes vulnerability assessments crucial for any organization. Nullforge can offer you extensive and flexible approach depending on your needs.

Vulnerability StatisticsStatistics by: Acunetix

By Web Vulnerability based on severity rating

Code Execution

SQL Injection
File Inclusion
Cross-site Scripting

By Paradigm

Web Application
Network perimeter