Vulnerability Assessment

A vulnerability assessment (VA) is a series of manual and automated processes and procedures used to assess and prioritize security vulnerabilities in a system (i.e. application and/or infrastructure). Conducting a VA helps to determine the security posture of the environment and the level of exposure to threats. A VA will identify vulnerabilities by evaluating if the system has the proper controls in place and will identify residual risks associated with a system.

See our Vulnerability Assessment FAQ page for answers to the following most frequently asked questions:

  • What is a Vulnerability?
  • What is a Vulnerability Assessment?
  • When is a VA required?
  • How do I Request a VA? What's the Process?
  • Application Go Live - What's the Process?
  • What is the Pre-VA Meeting?
  • What prep is needed before the VA begins?
  • How long does it take to conduct a VA?
  • Who is responsible for remediating issues in the VA Report?
  • What prep is needed before retest begins?
  • Who approves the VA Report Response?