<div>
Actually my colleague met up with them &amp;&nbsp;probably provided inputs to a list of questions.<br />
<br />
What I have doubt with was they scored us as &quot;B&quot; for &nbsp;exploitable/open ports eg: Telnet, ftp,<br />
Sql 1433 which I'm certain (from our VA scans) we've closed these while &quot;Unsafe File sharing&quot;<br />
was rated as A (which I think we have a couple of internally sharing which are unsafe)
</div>


Actually my colleague met up with them & probably provided inputs to a list of questions.

What I have doubt with was they scored us as "B" for  exploitable/open ports eg: Telnet, ftp,
Sql 1433 which I'm certain (from our VA scans) we've closed these while "Unsafe File sharing"
was rated as A (which I think we have a couple of internally sharing which are unsafe)

<div>
<div class="content wysiwyg-content">
refer to attached zipped slides:<br />
any reviews / views on accuracy &amp;&nbsp;thoroughness of this service is appreciated.<br />
<br />
I think it relies on a list of questionnairres that customers feedback/input to<br />
them, so I guess it will not be as accurate as doing actual penetration test scans<br />
or vulnerability scans in our actual environment<br />
<a href="https://filedb.experts-exchange.com/incoming/2017/07_w29/1183409/cybint.zip" target="_blank" class="file-inline" title="Cyb Int slides (304 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>cybint.zip</a>
</div>
</div>


cybint.zip

refer to attached zipped slides:
any reviews / views on accuracy & thoroughness of this service is appreciated.

I think it relies on a list of questionnairres that customers feedback/input to
them, so I guess it will not be as accurate as doing actual penetration test scans
or vulnerability scans in our actual environment

Accuracy &amp; thoroughness of CyberInt

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

The cyber security specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cyber security refers to the protection of personal or organizational information or information resources from unauthorized access, attacks, theft, or data damage. This includes controlling physical access to the hardware, as well as protecting against the harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.

Cyber Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Accuracy &amp; thoroughness of CyberInt

Accuracy & thoroughness of CyberInt