# Advanced Vulnerability Assessment

## Description

Advanced Vulnerability Assessment is a combination of a system vulnerability audit with an application vulnerability audit for a 360° view of your security level.

The AVA service is operated by a cybersecurity engineer who will perform a set of security tests on the selected targets and provide you with a complete and comprehensive audit report.\
For each identified vulnerability, the report provides: criticality, description, attack vector, potential impact and solution.

The AVA service is based on two market-leading and complementary vulnerability audit solutions:

* **Qualys Vulnerability Management** for system, infrastructure and middleware vulnerabilities (CVE)
  * Vulnerability scanning of public and private IP addresses of all components of your application
* **Acunetix** for web application vulnerabilities (OWASP Top 10)
  * Dynamic Application Security Testing (DAST) solution
  * Unauthenticated scan: testing the resistance of authentication forms, enrolment forms, password resets, etc.
  * Authenticated scan: testing of internal application functions, data partitioning, privilege escalation, etc.
  * API Scan: Supported API types: SOAP/XML, REST, GraphQL

Identify and fix your security vulnerabilities before others exploit them!

<figure><img src="https://835168969-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2FXoHyOBZPpJv3UALn4V%2Fuploads%2Fgit-blob-6a81c8553547943d8d3d673ef0a477fb9076eeff%2Fspaces_u3cmMjeBxFoEweG69ePZ_uploads_e1GZCUJWZpTWx4AIZBIG_image2022-2-15_17-49-51.webp?alt=media" alt=""><figcaption></figcaption></figure>

## Quick Start

The first step is to evaluate the perimeter requiring a security test.\
This scope must include all servers that interact with the application service.

In this example, it will be:

* All servers exposed on the frontend.
* All servers that compute the service in the backend.
* All related servers, such as database (BDD) servers.

<figure><img src="https://835168969-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2FXoHyOBZPpJv3UALn4V%2Fuploads%2Fgit-blob-a10ec1d65f08469abf392b05a0b9c4613becdc0d%2Fspaces_u3cmMjeBxFoEweG69ePZ_uploads_hGl3BgUqU06GQAR8003U_image.webp?alt=media" alt=""><figcaption><p>Example</p></figcaption></figure>

## Conduct

The service is divided into two steps:

1. System and infrastructure vulnerability scan: you need to identify all active servers in the service.
2. Web application scan: the URL of the application and a scan profile need to be provided.

All this information needs to be filled in a "Technical qualification questionnaire" document, which helps you identify the scope.

## Reports

Three reports will be sent:

* A report from cegedim.cloud summarizing all the information and providing recommendations on the security status of the product
* A Qualys Scanner report with all system vulnerabilities
* An Acunetix report with all web application vulnerabilities

