Penetration Testing Services | Netia
Top menu

Netia Vulnerability Tests

Examine your IT systems under a magnifying glass

Conduct vulnerability tests of your IT infrastructure and systems against cyber threats to protect your business from attacks and financial losses.

Examine the health of your cybersecurity ecosystem

Do you have complete information about the company's resources and how its network is built?
Can you state with full knowledge that your business does not have any vulnerabilities?
Are you prepared to address identified vulnerabilities to avoid losses when those vulnerabilities are exploited?
Are you prepared to address identified vulnerabilities to avoid losses when those vulnerabilities are exploited?
Do you still claim that cyberattacks and threats do not concern you?
Business security performance test

Vulnerability Tests are another element of the offer of professional cybersecurity services from Netia. Inseparable components of the service are many years of experience of a specialized Security Operations Center team and the use of technology from one of the world's leaders (Nessus Professional by Tenable) in the area of testing and vulnerability management.


Study of the company's infrastructure and systems

Vulnerability scanning of the indicated systems is performed in order to detect their potential weaknesses that could be used to gain unauthorized access resulting, for example, in leakage of sensitive data. This exposes companies to financial and image losses as well as legal consequences.

For Vulnerability Tests, performed once or periodically (which is recommended), we use our experience and technology of one of the world's leaders (Nessus scanner from Tenable). We can take a closer look at all systems and resources available through public IP addressing on the Internet.

ISO 27001 standard

Knowledge about the potential weaknesses of the systems in use is the first and necessary element in the process of reducing cybersecurity risk. It is also a good practice and recommendation resulting, for example, from the international standard ISO 27001 (A.12.6.1), or in the case of the financial market from Recommendation D of the Polish Financial Supervision Authority (18.7).

Come and talk to us!
or call us at
+48 22 715 02 00

The most important features:


High-precision scanning with a marginal participation of false-positives.


Based on many years of experience in implementing security solutions and mitigating cyber threats.

Statistics and reports

In selected variants of the service, the UTM device logs all security events, which allows the generation of collective monthly reports, enabling periodic assessment of the security status.

Benefits of using Vulnerability Tests:
Vulnerability library
  • Reporting and monitoring

    •    Flexible reporting - customize reports by vulnerability or device, generate a summary for the Management or compare the results of different scans to highlight changes; standard .xml, .pdf, .html or .csv
    •    Targeted email notifications of scan results, recommendations for corrective actions and improvements to scan configuration.
  • Scanning possibilities

    • •    Precise and efficient detection of resources
      •    Vulnerability scanning (including IPv4, IPv6, hybrid networks)
      o    vulnerability detection without authentication
      o    authenticated scanning to seal systems and detect missing patches
      •    Wide range of resources and profiling capabilities:
      o    network devices: firewalls, routers, switches (e.g. Juniper, Cisco, Palo Alto, Check Point), printers, network drives
      o    configuration of offline audits of network devices
      o    virtualization: Vmware ESX, ESXi, vSphere, vCenter, Microsoft, Hyper-V, Citrix Xen Server
      o    operating systems: Windows, OS X, Linux, Solaris, FreeBSD, Cisco iOS, IBM iSeries
      o    databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
      o    web applications: web servers and services, OWASP vulnerabilities
      o    cloud: scanning application configuration and instances in clouds such as Salesforce or AWS
      o    meets PCI DSS requirements through the ability to configure a dedicated audit
      •    Threats: botnets, malicious processes, audits of antivirus systems
      o    finding viruses, malware, vulnerabilities, communication of devices with infected systems, audits of known and unknown processes and websites related to malicious content
      o    compliance audit with: FFIEC, FISMA, CyberScope, GLBA, HIPAA/HITECH, NERC, PCI, SCAP, SOX, GIODO
      o    audit configuration: CERT, CIS, COBIT/ITIL, DISA STIGs, FDCC, ISO, NIST, NSA
      •    Audits of industrial automation systems: SCADA systems, embedded devices and ICS applications
      •    Audits of sensitive content: personal data (e.g. payment card numbers, PESEL, etc.)
  • Management

    •    Implementation flexibility - software, hardware, virtual device can be run at the customer's premises or in Netia's cloud.
    •    Scan options (possible types of scans) - remote scanning without authentication or with authentication - local scans for deeper and more detailed analysis of resources connected to the network, temporarily disconnected or remotely accessible
    •    Scan configuration and policies - predefined policies and configuration patterns
    •    Risk Assessment - vulnerability rating based on CVSS (Common Vulnerability Scoring System), five severity levels (Critical, High, Medium, Low, Informative)
    •    Prioritization - correlation with data from exploit databases (Metasploit, CoreImpact, Canvas, ExploitHub) and filtering according to the probability of exploitation of the vulnerability and its vulnerability
    •    Extensibility - integration with existing vulnerability management paths using RESTful API support
Come and talk to us!
or call us at
+48 22 715 02 00

Choose your language ×