Vulnerability Assessment
Vulnerability Assessments typically use a commercial scanning engine to look for known vulnerabilities and report back on potential exposures.
Types of Vulnerability Assessment
Fully Automated
Vulnerability Assessment
Fully Automated Vulnerability Assessments include a scan and report created by our scanning engine. There is no manual issue merging, review or manual verification.
£110Per Month |
£1320Per Year |
For up to 5x External hosts
CREST-approved Semi-automated
Vulnerability Assessment
A CREST-approved Semi-automated Vulnerability Assessment is performed using our scanning engine by one of our security consultants who will manually review the output.
£550One Time Scan |
£5940Custom Frequency |
For up to 50x External hosts
Service Comparison Table
Fully Automated | Semi Automated | Manual | |
Features |
Vulnerability Assessment |
CREST Approved Vulnerability Assessment |
CREST Approved Penetration Testing |
Scan Scope | External Only | External | External & Internal |
Commercial Search Engine |
✔ |
✔ |
✔ |
Full Port Scan |
✔ |
✔ |
✔ |
Vulnerability Report |
✔ |
✔ |
✔ |
Risk Ratings/CVSS Scores |
✔ |
✔ |
✔ |
CREST Approved |
✘ |
✔ |
✔ |
Human Manual Verification |
✘ |
✔ |
✔ |
Issue Merging |
✘ |
✔ |
✔ |
Custom Report Issue Wording |
✘ |
✔ |
✔ |
Certified Consultant Led |
✘ |
✔ |
✔ |
Issue Chaining |
✘ |
✘ |
✔ |
Manual Testing Methods |
✘ |
✘ |
✔ |
Management Executive Summary |
✘ |
✘ |
✔ |
Report Walkthrough |
✘ |
✘ |
✔ |
NCSC CHECK ITHC Approved |
✘ |
✘ |
✔ |
Useful Resources

Blog
Vulnerability Assessment v Penetration Test
Gavin Wood, CTO at Chess, explains the difference between Vulnerability Assessment and Penetration Testing and their applications.

Blog
Prevention v Cure: Introduction to Pen Testing
Gavin Wood, CTO at Chess, explains what penetration testing is and why diagnosing vulnerabilities earlier can save you money.