Skip to the content
Menu

Vulnerability Assessment

Vulnerability Assessments typically use a commercial scanning engine to look for known vulnerabilities and report back on potential exposures.
37% of respondent's organisations were hit by ransomware in the last year
70% of organisations hosting data or workloads in the cloud experienced a security incident in the last year

The first step to protect your data

The first step to protect your data ​ Vulnerability Assessment is an automated activity that actively scans for possible security vulnerabilities within an internal or external infrastructure (including all systems, network devices and communication equipment connected to that network) that cybercriminals could exploit.

A Vulnerability Assessment is what you would start with if you have never had any security testing services. They are an essential part of ongoing testing and should be conducted regularly - once a month or quarter, depending on your rate of change.

To learn more about how you can protect your organisation, book your free 30-minute security assessment with one of our penetration testers. Get agnostic advice from industry experts on how secure your business.

Types of Vulnerability Assessment

Fully Automated
Vulnerability Assessment

Fully Automated Vulnerability Assessments include a scan and report created by our scanning engine. There is no manual issue merging, review or manual verification.

£110

Per Month

£1320

Per Year

For up to 5x External hosts

Request Now

CREST-approved Semi-automated
Vulnerability Assessment

A CREST-approved Semi-automated Vulnerability Assessment is performed using our scanning engine by one of our security consultants who will manually review the output.

£550

One Time Scan

£5940

Custom Frequency

For up to 50x External hosts

Request Now

Service Comparison Table

  Fully Automated Semi Automated Manual
Features
Vulnerability Assessment
CREST Approved Vulnerability Assessment
CREST Approved Penetration Testing
Scan Scope External Only External External & Internal
Commercial Search Engine

✔​

✔​

✔​

Full Port Scan

✔​

✔​

✔​

Vulnerability Report

✔​

✔​

✔​

Risk Ratings/CVSS Scores

✔​

✔​

✔​

CREST Approved

✔​

✔​

Human Manual Verification

✔​

✔​

Issue Merging

✔​

✔​

Custom Report Issue Wording

✔​

✔​

Certified Consultant Led

✔​

✔​

Issue Chaining

✔​

Manual Testing Methods

✔​

Management Executive Summary

✔​

Report Walkthrough

✔​

NCSC CHECK ITHC Approved

✔​

Armadillo Accreditations CREST VA PEN TEST STAR CHECK

Our Accreditations 

Armadillo Sec, part of the Chess Group since 2021, are a CREST approved Penetration Testing, Vulnerability Assessment and a STAR and GBEST Attack Simulation testing company, accredited by the NCSC as a green light company authorised to perform CHECK ITHC assessments for government departments. 

Useful Resources

Blog

Vulnerability Assessment v Penetration Test

Gavin Wood, CTO at Chess, explains the difference between Vulnerability Assessment and Penetration Testing and their applications. 

Blog

Prevention v Cure: Introduction to Pen Testing

Gavin Wood, CTO at Chess, explains what penetration testing is and why diagnosing vulnerabilities earlier can save you money. 

Blog

Chess Acquires Additional Cybersecurity Expertise

Speak to a Product Specialist

You can fill out the form and one of our product specialists will contact you shortly with more information.
Sales
To contact our Sales team directly, please call 0344 770 6000 and choose option 4.
Customer Service
For general queries or to report a non-urgent fault, please log a ticket on our customer portal using the email address associated with your account. Logging a ticket is quick and easy to do. Once you have logged your ticket, we will respond within 24 hours or your Service Level Agreement, whichever is quicker.
I agree for my information to be used for marketing communications.
Chess Privacy Notice

By submitting your personal information through this form, you consent to your information being processed in accordance with the Chess group privacy notice.