# Advanced Vulnerability Assessment

## Description

Advanced Vulnerability Assessment is a combination of a system vulnerability audit with an application vulnerability audit for a 360° view of your security level.

The AVA service is operated by a cybersecurity engineer who will perform a set of security tests on the selected targets and provide you with a complete and comprehensive audit report.\
For each identified vulnerability, the report provides: criticality, description, attack vector, potential impact and solution.

The AVA service is based on two market-leading and complementary vulnerability audit solutions:

* **Qualys Vulnerability Management** for system, infrastructure and middleware vulnerabilities (CVE)
  * Vulnerability scanning of public and private IP addresses of all components of your application
* **Acunetix** for web application vulnerabilities (OWASP Top 10)
  * Dynamic Application Security Testing (DAST) solution
  * Unauthenticated scan: testing the resistance of authentication forms, enrolment forms, password resets, etc.
  * Authenticated scan: exploitation of internal application functions, data partitioning, elevation of privileges, etc.
  * API Scan: Supported API types: SOAP/XML, REST, GraphQL

Identify and fix your security vulnerabilities before others exploit them!

<figure><img src="https://835168969-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2FXoHyOBZPpJv3UALn4V%2Fuploads%2Fgit-blob-6a81c8553547943d8d3d673ef0a477fb9076eeff%2Fspaces_u3cmMjeBxFoEweG69ePZ_uploads_e1GZCUJWZpTWx4AIZBIG_image2022-2-15_17-49-51.webp?alt=media" alt=""><figcaption></figcaption></figure>

## Quick Start

The first step is to evaluate the perimeter requiring a security test.\
This scope must include all servers that interact with the application service.

In this example, the scope includes:

* All servers exposed on the frontend.
* All servers that compute the service in the backend.
* All related servers, such as database servers.

<figure><img src="https://835168969-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F2FXoHyOBZPpJv3UALn4V%2Fuploads%2Fgit-blob-a10ec1d65f08469abf392b05a0b9c4613becdc0d%2Fspaces_u3cmMjeBxFoEweG69ePZ_uploads_hGl3BgUqU06GQAR8003U_image.webp?alt=media" alt=""><figcaption><p>Example</p></figcaption></figure>

## Conduct

The service is divided into two steps:

1. System and infrastructure vulnerability scan: you need to identify all active servers in the service.
2. Web application scan: you need to provide the URL of the application and a scan profile.

All of this information must be entered in a "Technical qualification questionnaire" document, which helps you define the scope.

## Reports

Three reports will be sent:

* A report from cegedim.cloud summarizing all the information and providing recommendations on the security status of the product
* A Qualys Scanner report with all system vulnerabilities
* An Acunetix report with all web application vulnerabilities
