Network Vulnerability Assessment for a US Equipment Manufacturer

Customer

The Customer is one of the leading US manufacturers of warehouse and dock equipment.

Challenge

The Customer was concerned about malware threats and potential security breaches that could cause workflow disruption and manufacturing downtime. They wanted to check the IT networks in the office and factory area for security gaps and get practical advice on how to fix them. The Customer was looking for an experienced vendor to perform comprehensive security assessment of their IT networks without disturbing operations.

Solution

ScienceSoft’s security team recommended vulnerability assessment as an optimal option for a non-intrusive and cost-efficient security evaluation of the required IT networks.

The team mapped the vulnerability assessment targets: 5 servers, 50 workstations, network equipment and firewalls. Then, security testers used an automated vulnerability scanner to detect maximum network vulnerabilities. They analyzed the scan findings to filter out false positives and classified the detected vulnerabilities by their criticality. Some of the security flaws were of high and medium severity: missing and weak passwords, misconfigured firewalls, outdated software versions (Windows OS, Microsoft SQL Server, Microsoft Exchange Server, Autodesk Vault, VMware Workstation), insecure SSL.

ScienceSoft’s security team prepared a detailed report with the description of high-, medium- and low-severity vulnerabilities, their nature and impact. The report also included corrective measures to fix all the detected security gaps.

The network vulnerability assessment took 14 days from planning and preparation to execution and reporting.

Results

The Customer got a full view of existing network security vulnerabilities and a roadmap on their remediation. They were able to step up their cybersecurity by fixing the detected security flaws.

Technologies and Tools

Nessus, CIS Benchmarks.