State of Network Security Assessments

In fact, we've heard that companies do vulnerability and penetration testing on their corporate infrastructure.

What do you think of the way IT managers handle these results and/or the executive summary?

1. Is any action taken on these results?

2. Do the system owners/business owners know how to remediate the findings in the VA reports?

Most companies do not react to any of those reports and continue to run vulnerable infrastructure. The prime reason for this is a lack of knowledge and discipline.

So, what is required to remediate the findings?

1. Temporary Project Team

2. Engagement & Operating Model

3. Communication & Status Reporting

4. Creating a Risk-Aware Culture

Do you need help? Please write to me.

2 thoughts on “State of Network Security Assessments”


  1. Even if you execute those 4 steps, do you think that it will be effective? I doubt it. Still, the people won’t respond. The best solution I can suggest is to form a small white hat hacker team (can be the same/separate pen-test team) and exploit those vulnerabilities. Publish those on internal company websites/blogs. Make the owners aware of those exploits and see whether they respond or not.

