Vulnerability Assessment

External Vulnerability Assessment — HEIT offers External Network Vulnerability Assessments to provide insight on potential external facing vulnerabilities of any high risk identified computer systems. This level of analysis will test for thousands vulnerabilities that may be present and provide guidance as to how to mitigate associated risks. HEIT has based its processes and deliverables around the FFIEC Work Program, various FIL’s and current best practices used in the Information Security Industry. You can be assured that your regulatory responsibilities are being met and often exceeded.

 

Internal Vulnerability Assessment — It is estimated that between 60-85% of security breaches occur from within the network. Protecting your network and ultimately confidential data is a top priority for financial institutions. HEIT’s methodology for the Internal Vulnerability Assessment is very similar to the External Vulnerability Assessments. The list below provides further information on the tests which will be performed by HEIT. However, if there is a specific risk that your institution would like to have tested, we can accommodate this.

We have the flexibility to meet your precise requirements.

• Run commercial and custom scans of the network
• Testing across networks
• Testing for monitoring, alerting, and response
• Run HEIT’s bespoke scripts against servers for vulnerabilities.
• Check the security on sample of workstations
• Test for latest patches on the network
• Test for protection for the following: virus, spam, worms, Trojans, intrusions, and unsuccessful logins.  (End-point Security).
• Test sample user network access
• Test wireless security.
• Security surrounding customer information.