Operational Methodology

Secure Network, after receiving the initial request, conducts a careful assessment of the requirements with the Client to evaluate the most suitable methodology and approach:

Initial request

Requirements analysis

Security assessment

Report

 

 

Retest

Conclusions

Risk Classification

Each issue identified during Security Assessment activities will be categorized in the technical reports according to the evaluation criteria of the standard methodologies used, weighting both technical and business factors to best assess the actual impact contextualized to the objective of the analyses.

Secure Network adopts the following standard methodologies to estimate the risk associated with vulnerabilities identified during security assessments:

The OWASP Risk Rating Methodology model is used for application assessments

The Common Vulnerability Scoring System (CVSS) model is used for infrastructure assessments

Risk level

he final risk value is obtained by combining the possible impact of the vulnerability with an assessment of the likelihood of its exploitation by an attacker, considering, for instance, the level of access needed, the extent of the issue, the knowledge required to use it.

Secure Network is willing to adopt other specific risk calculation methodologies adopted by the Client to provide a result compatible and comparable with previous analyses or internal processes.

Low

Medium

High

Critical

Secure Network

Follow us on social media

MILAN:
Via dei Valtorta, 48
20127 Milano
Phone: +39.02.49608226

Secure Network S.r.l. | Via dei Valtorta 48, 20127 Milano (MI) Tax code and VAT number 04205230966

Privacy and Cookie Policy