Vulnerability Assessments

Proactive Security Assessments

Mandiant offers a complete portfolio of vulnerability assessment services that allow organizations to identify critical security vulnerabilities that attackers could exploit . These services help organizations improve their existing security posture to reduce the risk of a successful attack.

Overview of Services

  • Vulnerability Assessment

    Mandiant’s vulnerability assessment services evaluate the strength of its clients' defenses against the attacks that are most likely to be used by actual attackers. Mandiant provides clients with actionable recommendations. All findings are rated based upon their risk, the probability of exploitation and the potential business impact. This allows clients to focus on addressing issues that matter the most.

    • Infrastructure Security

      Infrastructure Security

      Mandiant has performed hundreds of external and internal infrastructure security assessments and identified thousands of critical vulnerabilities which exposed enterprises to external and internal attacks. Mandiant’s services include:

      • External network vulnerability assessments and penetration testing
      • Internal network vulnerability assessments
      • Network architecture reviews
      • Device configuration reviews (covering both host and network devices)
      • Wireless security assessments
      • VoIP security assessments
      • Active directory reviews
      • Social engineering and physical penetration test
      • Insider threat assessments
      • Custom services as requested
    • Application Security

      Application Security

      Testing applications at regular intervals, especially after important changes have been made to an application, is critical in order to maintain an attacker-resilient web presence. Mandiant has developed an extensive portfolio of application security assessments including:

      • Web and client-server application security assessments
      • Mobile application assessments across most platforms
      • Source code reviews for most common programming languages
      • Software development lifecycle (SDLC) reviews
      • Application architecture assessments
      • Custom services as requested