Vulnerability Assessment & Penetration Testing

Cyber security is a growing concern for anyone operating a business today - Investing in your cyber security is an investment in the future of your business

The financial impact of a successful cyber-attack on any business can be devastating, involving: the loss of revenue, customers and potential government fines could be crippling.

SoftGen has been offering Vulnerability Assessments and Penetration Tests to companies of all sizes from SME’S to Enterprises since 2013 – learn how you can benefit from our experience and knowledge in combating Cyber criminals.

Often Vulnerability Assessments and Penetration Tests are lumped together in the same category (VAPT). The truth is they are two different strategies for increasing your security maturity. Both approaches assist in developing a superior security program.

SoftGen’s Vulnerability Assessments and Penetration Tests provide you with a complete Audit of your IT assets. It identifies vulnerabilities that could be used to compromise your digital assets and provides a prioritised Remediation Report, on how to fix the problems.

Whilst Vulnerability Assessments (VA) and Penetration Tests (PT) are normally run together (VAPT), Vulnerability Assessments can be run independently to meet a customer’s specific requirements.

What is a Vulnerability Assessment?

A systematic process of identifying security loopholes in your organisations IT infrastructure which have the potential to be exploited by cyber criminals to gain unauthorised access to your digital assets.

It identifies and prioritises vulnerabilities in your IT Infrastructure for remediation, based the on greatest impact to risk reduction and enables penetration tests to be smarter and more targeted.

What is a Penetration Testing?

A penetration test is conducted across a company’s infrastructure, systems, with the Pen Tester using the information identified in the Vulnerability Assessment to mimics the actions of an actual attacker, exploiting possible weaknesses in your network security, without the usual dangers

Advantages of a Vulnerability Assessment & Penetration Test (VAPT)

Visibility of all IT Assets connected to your network including traditional and dynamic devices, including all activity both authorised and unauthorised on your network.

Identifies unknown and unprotected devices that are connected or maybe attempting to connect to your network.

Flexibility. The customer can decide on the number of devices, timing and frequency of the testing based on the cyber security requirements for their business and/or industry.

Provides a Risk Based Remediation Plan - including priorities and fixes on “securing” your digital assets.

Enables your IT staff or IT service provider to develop and manage effective security policies, based on actionable reporting.

Cost Effective. Cost is based on the type of testing and the number of devices to be tested (number of IP addresses).

Expertise. We provide the tools, the service and support in developing and managing your security program.

Cyber Insurance. By understanding your cyber threat landscape and how to improve your cyber security program, it can also assist in determining the scope of your Cyber Insurance policy and associated premiums.

Industry Compliance Standards reports can provide assessment against industry standards such as PCI and HIPPAA.

Why SoftGen

SoftGen delivers results based on 15 years’ experience, providing the right tools + expertise + experience via Remediation Reports plus both Executive andTechnical debriefing sessions.

Vulnerability Assessment

Vulnerability Assessment is a tried and tested tool that can assist companies in proactively identifying, prioritising and responding to security vulnerabilities.

Vulnerability testing preserves the confidentiality, integrity and availability of the system.

The system refers to any computers, networks, network devices, software, web application, cloud computing etc.
SoftGen, recognises that different companies have different requirements and therefore we offer a number of different options, when considering which Vulnerability Assessment tool is ideal for them depending on security requirements and ability to analyse your systems. Identifiy and deal with security vulnerabilities before it’s too late.

Complete Workflow Solution for Assessing and Managing Vulnerabilities

Automatically discover and protect your current web assets and free up time and resources from your team.

Invicti is made for large organisations and SMBs seeking a complete vulnerability assessment and management solution. This leading-edge web security solution has been successfully employed by businesses representing many industries including IT & telecom, government, finance, education, healthcare, and more. Use it to protect internal and external web assets, data, and your reputation.

Invicti products provides organisations with the ability to

Complete visibility into all your organisations – even those that are lost, forgotten or hidden
Scan any type of web application, web service and web API – including first and third party (open source) code – regardless of the technology, framework or language they are built with.
Scan the corners of your web assets that other tools miss, with advanced crawling and our combined interactive and dynamic (lAST + DAST) scanning approach.

GFI LanGuard is an on premise solution that allows you to scan, detect, assess and rectify security vulnerabilities in your network and connected devices, including smart phones, tablets, printers, switches and routers. Providing a complete picture of the network and help maintain security with minimal effort.

GFI LanGuard also enables complete Patch Management of security and non-security patches to Microsoft operating systems, Mac OS, major Linux distributions and third party applications. It can also automate patching for all major web browsers.

Rapid 7 is a global leader in advanced security. Their solutions simplify the complex, allowing security teams to work more effectively with IT and Development to reduce vulnerabilities.

In these rapidly changing times, you shouldn’t have to worry about your security program. Rapid7 is here to help you reduce risk across your entire connected environment so your company can focus on what matters most. Whether you need to easily manage vulnerabilities, monitor for malicious behaviour, investigate and shut down attacks, or automate your operations — we have solutions and guidance for you.

Rapid 7 offer two Vulnerability Assessment tools one on- premise solution Nexpose and a hosted solution InsightVM. Both tools deliver comprehensive reports for every scan, which prioritises all identified vulnerabilities with details on how to fix the vulnerabilities.

The information collected can either be stored to enable Trend Analysis or export for Penetration Testing.

ThreatDefence is a Unified Security platform that includes Vulnerability Assessment as a stand-alone tool, based on Open Source Technology.

It’s an Australian developed solution with the development team based in Sydney supported by a Security Operation Centre (SOC)

Regularly scheduled or ad-hoc scanning offers an insight into both authorised and unauthorised activity on your network, providing an accurate picture on identified vulnerabilities and how to remediate.

Vulnerability Assessment as a Service

Security as a Service is gaining momentum as a way to effectively combat the growing number and sophistication of cyber-attacks. SoftGen has been offering Vulnerability Assessments as a Service since 2015.

We remove the need to invest in specialised skills and infrastructure by providing greater flexibility while reducing the cost to your business. We provide the TOOLS+EXPERTISE for a single service fee based on the number of devices to be scanned.

Our service can be provided as an adhoc or managed program, we provide the TOOLS+EXPERTISE based on a per device charge.

Whichever vulnerability tool you decide to use, choosing the ideal one will depend on security requirements and ability to analyse your systems. Identify and Deal with security vulnerabilities before it’s too late.