Internal Vulnerability Assessment

The Service

Your end users have free will and a mouse, which makes them the most likely target of a cyberattack. This means your endpoints are at high risk for exploitation. Don’t you want to know what vulnerabilities are on those systems before attackers find out?

Our Internal Vulnerability Assessment identifies vulnerabilities throughout your IT infrastructure and provides a report that you can use to remediate issues within your environment. The report also helps determine the effectiveness of your patch management program.

The Internal Vulnerability Assessment allows you to correct problems before malicious attackers can exploit a system and gain access to sensitive information. As the saying goes, an ounce of prevention is worth a pound of cure.

Our Internal Vulnerability Assessment deliverable includes a risk-rated listing of detected vulnerabilities and mitigation recommendations, which provides a clear roadmap for prioritizing and resolving detected deficiencies. We also provide repeat clients with trend reporting and graphs that illustrate the institution’s progress throughout 10-D engagements over time.

FFIEC guidelines state that institutions are required to perform an independent assessment of high-risk systems at least annually. That’s where we can help. Our clients benefit from flexible engagement options.  In addition to annual assessments, many of our clients also take advantage of quarterly reviews and multi-year engagements.


The Scope of Work

We tailor the scope of work to fit your institution’s needs and can include:

  • 100% of Internal Devices
  • VOIP Systems and Endpoints
  • Specific or 100% of Network Segments
  • Any Operating System

Man jumping canyon
Sailor at helm


The 10-D Security Difference
  • Our scan is authenticated, comprehensive, and identifies all instances of a vulnerability on your network.
  • Our reports provide the data you need, not the volumes of fluff generated from a scan.
  • We search for 110K+ vulnerabilities including the most recently identified.
  • We complete a manual verification along with scanning to ELIMINATE false positives.
  • We have nationwide testing experience with ALL types and sizes of institutions.
You would benefit from a 10-D
Internal Vulnerability Assessment if
  • You are required to comply with FFIEC, GLBA, PCI, SOX, HIPAA, or HITECH.
  • You have customer, personally identifiable information (PII), or financial transaction data to protect.
  • You need verification of your patch management solution.
  • You want to ensure your information security and general controls are sufficient and performing as expected.

Keep your institution off the evening news.


Contact Us