Vulnerability Scanning

What are Vulnerability Scans?

In performing a vulnerability scan, we examine your networks with up-to-date commercial and open-source vulenerability scanners. In addition to the scans, a Certified Ethical Hacker will also perform some techniques to dig deeper into your systems with various tools in the same manner in which we perform our Penetration Tests at no additional cost to you. When the scanning is complete, we’ll provide an in-depth report outlining all the vulnerabilities we found as well as documentation to backup our claims. We’ll also provide steps you can take to fix or work around the vulnerabilities if there is a known mitigation available. We will go over these results with you and explain them in terms that everyone can understand even if some members of your team don’t have a strong technical background. If you do not have the expertise in-house to do perform the fixes or you would just prefer to have some guidance with these tasks, we can provide you with more information on how our services can help protect your organization from these weaknesses.

External vs Internal

An External Vulnerability Scan is originated from outside of your network to test the devices that are facing the internet. During an Internal Vulnerability Scan, you will provide us either a location from which to do the scanning inside one of your offices that can access all of your internal network devices or provide equivalent access to us remotely through a VPN or similar secure method. This will flush out any avenues of attack someone may try to use if they have breached your perimeter defenses or are already on your internal network such as a rogue employee or third-party vendor. Remember that many losses are endured due to inside jobs by employees or vendors with inside access to your systems. We can perform both credentialed and non-credentialed scans to emulate both non-employees and those who have logins to your systems. We believe in giving you a ballpark picture of what to expect when pricing our services so there are no surprises and you can quickly and easily do your preliminary information gathering without having to talk to any sales people just to get some basic info. Please keep in mind these are just base prices to help you gauge your budget. We will work with you on larger projects or if you plan to build a lasting relationship once you’ve seen the value our partnership can provide for protecting your security.

Base Prices

External Vulnerability Scanning:

$1,000 up to 10 IP addresses
only $75 per IP address beyond the first 10

Internal Vulnerability Scanning:

$2,000* up to 254 IP Address (one class C subnet) at one physical location
$500** per location with up to 254 address beyond the first

*The pricing for internal scanning assumes we can have remote access via VPN or any other form of secure communication or the physical locations are 20 miles or less from our Jacksonville, FL location otherwise we will have to charge a reasonable amount for travel expenses to be determined on a case-by-case basis considering all of the factors involved.

**The pricing does not include travel expenses we may need to charge if the additional locations are further than 20 miles from the original location and in addition to the travel expenses charged if that location is 20 miles more than our Jacksonville location (see first *).