Conducting vulnerability assessments (VAs) is a core business for Intertek EWA-Canada. Our experience covers the full range of deployed technologies from embedded systems through main frame. We have conducted comprehensive auditing and testing of individual devices and systems, especially within the context of our Product Assurance capabilities, as well as wide ranging vulnerability scans of large local and wide area networks incorporating tens of thousands of hosts.

Our standard methodology is based on Intertek EWA-Canada’s many years of successful vulnerability assessments test activities, and has been well-proven in well over one hundred VA testing engagements. Our methodology is thorough and systematic, allowing us to consistently identify security issues across the scope of the environment under test. This includes identifying weaknesses in the physical environment, organization, procedures, personnel, management, administration, hardware, software and communications equipment that may be exploited by a threat agent to cause harm to the assets and the business they support.

A sound methodology, combined with a wide-ranging set of test tools, provides a solid foundation for a successful vulnerability assessments and penetration test engagement. While it takes a certain level of skill to be able to effectively run the test tools, the tools are just there to assist the security analyst. It takes real-world knowledge and experience to be able to analyze the results and correctly interpret them in the context of the environment being tested. It is this exceptional knowledge and experience of our analysts that provide our clients with the real value-add – we don’t simply regurgitate the output of automated tools. Our goal is to provide real-world recommendations for mitigating detected vulnerabilities within the context of each client's environment.

Related Pages