Vulnerability Scanning and Assessment

Find vulnerabilities before malicious hackers do. A network vulnerability scan detects and classifies system weaknesses.

Test Your
Network Against

Viruses

Backdoors

Malware

Botnet Infections

Known/Unknown Processes

Malicious Content

And more…

Vulnerability Scanning and Assessment

Correct problems and bring your network devices back into compliance.

Comprehensive Scanning

Network vulnerability scanning provides companies with the opportunity to identify active IP addresses and scan them using industry-leading tools with the ultimate goal of discovering vulnerabilities in both internal and external networks—affordably.

All of our network vulnerability scans and assessments go beyond international standards – such as NIST – and your test will come with a detailed final report.

Your detailed final report will include an executive summary, a listing of risk ratings and remediation recommendations. A letter of attestation can be provided upon your request.

Throughout the network vulnerability scanning and assessment process, comprehensive automated testing will identify as many network related vulnerabilities as possible.

Identify Documented Vulnerabilities and Exposures

One of the biggest challenges in securing business environments is having the knowledge required to identify vulnerabilities, prioritize the greatest threats posed to your environment, and then remediate any discovered vulnerabilities.

This is where MainNerve’s vulnerability scanning services come into play.

Our industry-leading scanning tools enable you to perform an in-depth scan of all external and internal systems for vulnerability identification.

A vulnerability assessment can verify the findings and ensure they are correct, removing false positives.

Cyber Breaches: What Tactics Were Used??
Use your mouse to hover over the pie chart and see the stats.
Looking for a First-Class
Cybersecurity Expert?
Understand the risk posed to you, and your customers, by the vulnerabilities present in your network.
Systematic Protection
Our Process

The dynamic nature of today’s cloud and on-premise network environments requires persistent vulnerability scanning to defend against the evolving threat landscape and innovative malicious hackers. MainNerve’s network vulnerability scanning services allow you to accurately scan your network, servers, and desktops for security vulnerabilities with the overarching goal of improving your security posture and remediating network vulnerabilities with confidence.

Planning

The planning phase of the network vulnerability scanning and/or vulnerability assessment process includes communicating about on- and off-limit IPs, peers, and systems. At MainNerve, we call this scoping. The timeline of the network vulnerability scan or vulnerability assessment is also provided.

Host Discovery

Host discovery is the first official stage of the network vulnerability scanning and/or assessment process. At MainNerve, we use active scanning and agent scanning to interactively communicate with targets on the network. These methods are designed to craft and send packets to remote hosts—and detect active IP addresses or “live hosts”. During the host discovery phase, servers, appliances, and other devices on the network are identified.

Service Enumeration

Following host discovery, MainNerve will perform service enumeration. This is where identification of open ports and services available to each discovered system, is performed. Essentially, service enumeration is the process of extracting machine names, network resources, and other services from a system. We will use all information gathered during this phase to identify the vulnerabilities during the network scanning.

Network Scanning

During this core phase of the network vulnerability scanning and/or assessment, MainNerve performs a port scan to determine what services are running on each active device. This helps determine what types of vulnerability checks to run against a particular port.

Following the port scan, MainNerve will scan all live hosts with an industry-leading tool to identify vulnerabilities. Such vulnerabilities might include missed patches, server misconfigurations, and risky services.

Note that vulnerability scanning performs a high-level look of known vulnerabilities. There are no exploit attempts or intensive verification.

Verification

MainNerve will rank and identify all vulnerabilities using the Common Vulnerabilities and Exposures (CVE) dictionary and Common Vulnerability Scoring System (CVSS). These are industry standards for tracking and calculating vulnerability risks.

Clients can add an optional Vulnerability Assessment. A MainNerve cybersecurity specialist will perform a comprehensive review of the vulnerability scan results to verify the findings. This will remove false positives.

Reporting

At MainNerve, this final phase of the network vulnerability scanning and/or assessment process the most crucial step. We take great care to ensure we communicate the findings as thoroughly as possible. Our main goal is to ensure that the client receives all information from the vulnerability scan and/or assessment, and that a roadmap toward remediation is well defined. A comprehensive final report detailing all scanning information is securely delivered. For a vulnerability assessment, the final report will include a vulnerability analysis.

Consider These
Value-Add Services
Web Application Vulnerability Scanning

MainNerve’s web application vulnerability scans provide automated crawling and testing of web-based applications in order to identify vulnerabilities. MainNerve web application vulnerability scans are designed with the overarching goal of zeroing in on OWASP Top 10 Risks, the industry standard for categorizing the most critical web app-based vulnerabilities.

Network Penetration Testing

Network penetration testing assists with the identification and examination of vulnerabilities for external, Internet-facing and internal, intranet systems. A network pen test will help determine whether an attack can exploit and compromise targeted systems. Take the next step to improving your business’ security with a network pen test.

Security Risk Assessments

MainNerve’s security risk assessment is designed to provide you valuable information about your policies and procedures, and the safeguards you’ve implemented.  We’ll help you find deficiencies in your risk management program that will allow you to set up a plan to improve it.

Customers & Partners that Trust MainNerve

What Our Clients Say

CIO
Investment Management Company

In 12 years of tests, you are the first company that found anything higher than a low risk. Phone and cameras were never discovered in the test, let alone accessed. Great to always get a different perspective from a test.

Vice President
Actuarial Firm

Our local partner that normally provides us with vulnerability and penetration testing was unable to help us this year. We were lucky enough to find MainNerve as a solution to our problem. MainNerve was very responsive to us and worked under a very tight timeframe to perform vulnerability and penetration testing for us and help us out of a tough situation. They went above and beyond. They provided us with some additional guidance in other security areas as well. We will continue to use MainNerve each year now for our security testing needs. We are glad we found them.

Principal
Technology Company

I was quite pleasantly surprised by the engagement. I think the thing I liked best about it was that everyone at MainNerve really took the time to listen and understand what we did, why we were doing it, and our business goals. It gave us confidence that we were in the right hands.

President
Insurance Administrator

Always nice to have a dependable vendor that is fully committed and reasonably priced.

IT Manager
Insurance

It’s been a great partnership for the last 4 years. When NYDFS Cybersecurity regulation was announced back in 2017, I did not have much experience in the security fields such as risk assessment, vulnerability assessment, and Penetration testing and was not comfortable creating the plan. I was searching for information on the internet and came across multiple companies. I contacted MainNerve and they explained the process as well as their background which gave me comfort in the overall process as well as the confidence in the MainNerve team. Also, the cost was very reasonable. Going through the signing, planning, assessment, testing, and reporting, they were in constant contact with me and updated me with steps they are taking and when I can expect the next milestone. When we had delays, they were patient and worked with us. We finished all the assessment and testing in the expected time and now we just do it annually. As our IT environment expands, we increase the scope of the testing, and MainNerve has been very flexible with our plans, budget, and timing. I have introduced the MainNerve to colleagues in other companies in NY and they are also satisfied with the service.

Bill Hungerford

Our company has used MainNerve for a number of years for penetration testing. They are very professional and very thorough. They are careful about not disrupting the organization during the testing and they walk you through the test results in a way that makes understanding them very straightforward. We’ll be using them again soon.- Google Review

AK Broyles

We have utilized MainNerve for three years for our penetration tests as required by our clients. They have always provided fast, efficient, precise and detailed reports that prove more than sufficient to meet our industry’s high level of data security requirements. Pricing is more than reasonable and they are always available to help and provide guidance when needed. Highly regarded and recommended.- Google Review

Tamir Gerber
GETIDA

MainNerve performs periodic Penetration Testing and Vulnerability Assessment for GETIDA web servers. We are completely satisfied with their service level, response times, and pricing. The final reports are useful for both IT professionals (taking care of the findings) and managers (general understanding of information relevant for sales and customer service) here in GETIDA. Also, the reports were viewed and approved by Amazon security auditor. Good job!- Google Review

C S

Great Experienced staff, made the process fast and easy. I appreciated the attention to detail throughout the whole process and will 10/10 use and recommend for those looking to test their network security.- Google Review