Facebook-f Twitter

Call us!

610-444-8256

Penetration Tests and Vulnerability Scans: What Are They and Who Needs Them?

More large organizations now require penetration tests, vulnerability scans, and annual cybersecurity audits from their suppliers.

If you sell products or services to a large company or government department, they will likely require you to complete an IT security questionnaire. One question often asked on that form is, “Do you complete an annual penetration test and vulnerability scan?” We are also seeing this question in some cyber-liability insurance policy applications. What does it mean?

Essentially, if your clients are trusting you with their data (and the data of their clients), they need to ensure you’ll take good care of it. Proper data hygiene is everyone’s responsibility.

A penetration test and vulnerability scan are typically performed together. During a penetration test, experts outside your network try to break in. A vulnerability scan checks the inside of your network to see what could be exploited if something or someone malicious was able to connect to your network. Both investigations yield a detailed set of reports, including an inventory of what was discovered, a detailed list of installed hardware and software with known vulnerabilities, and a narrative from a professional as he or she attempts to exploit vulnerabilities that were discovered. The narrative lists what services were breached in the test. The reports suggest ways the problems can be mitigated. Often a clean report or at least documented progress towards a clean report is required to do business with a large entity.

Acting as a second set of eyes, Pegasus has performed these tests and presented reports to organizations with small IT departments to catch problems before they can be exploited by criminals. More and more clients (and clients of our clients) are requesting these reports on an annual basis. We have a separate team inside Pegasus that performs these scans to help ensure unbiased results. As you probably guessed, we have companies check our own systems regularly because we take our role as protectors of your data seriously.

If you’re curious to learn more, you can read about pentests and vulnerability scans on our website or contact us.

Matthew Tucker

Matthew Tucker

As CEO of Pegasus Technologies, LLC, Matthew Tucker brings a rare combination of leadership attributes, technical expertise, and experience in the Information Technology industry. Matthew Tucker is responsible for the annual operating business plan as well as strategic direction. His strong commitment to the company’s growth is evident in his personal involvement with developing the current management team, as well as building the future leadership. Matthew Tucker works closely with the Executive staff to develop and monitor policies and procedures for ensuring the growth and stability of the company. Matthew Tucker’s passion for the company and staff is reflected in his continued efforts to ensure the company culture reflects its key values: personal growth, available management, and recognition of accomplishments.
Categories
© 2024 Pegasus Technologies.