Add-on or standalone

Vulnerability Scan

Automated scanning of up to 10 of your business's assets — servers, computers, network devices — to find known security weaknesses before attackers do. Results delivered in plain language with clear next steps.

What it is

Find the cracks in your foundation.

Every device and server connected to your network is a potential entry point. Vulnerability scanning uses industry-standard tools to check each asset against a constantly updated database of known security issues — outdated software, misconfigured services, unpatched operating systems, and more.

For small businesses, this is often where the most critical and most fixable problems are found. Many vulnerabilities are simply the result of software that hasn't been updated — and most can be addressed without outside help once you know they exist.

Up to 10 assets included. Assets can be servers, workstations, laptops, network devices (routers, switches, firewalls), or any other IP-addressable device on your network. Need to scan more? Contact us to discuss options.

10
Assets included per scan
60%
Of breaches exploit known, unpatched vulnerabilities
CVE
Industry-standard vulnerability database used
48h
Typical turnaround from scan to report
What's included

What we scan for.

  • Known CVEs — Checks each asset against the NIST National Vulnerability Database for publicly disclosed security flaws
  • Outdated software — Operating systems, applications, and firmware running versions with known vulnerabilities
  • Open ports & services — Services exposed on the network that shouldn't be, or that are running unnecessary attack surface
  • Weak configurations — Default credentials, insecure protocols (Telnet, FTP, unencrypted HTTP), and misconfigured services
  • Up to 10 assets — Servers, workstations, laptops, network devices, or any IP-addressable device
  • Plain-language report — Every finding explained in plain English, rated by severity, with a concrete next step
  • Results call — A follow-up session to walk through findings and answer your questions
What's not included

Scope boundaries.

  • More than 10 assets (contact us for larger scopes)
  • Active exploitation or penetration testing
  • Web application scanning (see Attack Surface Assessment)
  • Patching or remediation of identified vulnerabilities
  • Cloud infrastructure scanning (AWS, Azure, Google Cloud)

Standalone or add-on? The Vulnerability Scan works well on its own if you already have a general sense of your security posture and want to go deeper on your devices. It's most powerful as a complement to the full Security Assessment, where findings from both give you a complete picture.

The process

How the scan works.

The scan itself is non-invasive and runs in the background. Most businesses see minimal to no disruption.

01

Asset inventory

You provide a list of up to 10 assets to scan — or we help you identify them. We confirm IP addresses and access requirements before starting.

02

Scan

We run a non-destructive, authenticated scan of each asset. The process typically takes a few hours and has no impact on normal business operations.

03

Report & review

You receive a plain-language report within 48 hours of the scan completing, followed by a call to walk through every finding and next step.

Related services

Often paired with.

Security Assessment

The broader review that puts vulnerability scan results in context — email, network, data practices, and more.

Learn more →

Attack Surface Assessment

While the vuln scan covers internal assets, the attack surface assessment looks at what's exposed publicly online.

Learn more →

Security Policy Writing

Turn findings into enforceable practices your staff can follow — patch schedules, update policies, and more.

Learn more →
Pricing

Simple, transparent pricing.

Priced per engagement. No subscription, no retainer. Add-on pricing applies when bundled with a Security Assessment.

Standalone
$397
up to 10 assets
  • Up to 10 assets scanned
  • Plain-language report
  • Results walkthrough call
  • Delivered within 48 hours
Add-on
$247
when added to an assessment
  • Same scope as standalone
  • Findings integrated into main report
  • No separate walkthrough call needed

Need more than 10 assets? Contact us for a custom quote.

Ready to scan your assets?

Find out what vulnerabilities are hiding in your network before an attacker does.

Get started →