Critical Asset Security Assessment (CASA)
Internal vulnerability assessment, manual validation, and penetration testing of mission-critical assets—including applications, servers, routers, and switches—to validate layered security and defense-in-depth. Testing is performed inside the network perimeter, behind firewalls, ensuring unfiltered results. The scope includes internal-only systems as well as Internet-facing (DMZ) critical assets, analyzed from within the network.
Highlights
- Scanning to establish a baseline of vulnerabilities and security risks
- Best-of-breed open-source and commercial vulnerability tools
- Multiple tools mitigate individual limitations and leverage each tool's strengths
- Manual validation to eliminate false positives and confirm findings
- Manual testing identifies additional vulnerabilities undetectable by automated tools
- Penetration testing using custom-designed and existing exploits to accurately gauge severity
- Illumant’s penetration testing methodologies are continually refined through ongoing research and participation in industry forums and conferences (e.g., BlackHat, DEFCON, SANS)
- Classification of vulnerabilities by severity
- Practical remediation recommendations
- Benchmark comparison against industry standards
Targets
Networks, systems, applications, services, ports, and protocols within firewall boundaries—unfiltered analysis:
- Web applications (non-credentialed testing)
- For credentialed testing, see Web Application Security Assessment (WASA)
- Web/Intranet sites
- Servers
- Firewalls
- Internal routers
- 100,000+ known vulnerabilities, including unique issues from custom configurations and software
internal vulnerability assessment manual validation penetration testing practical remediation advice exploits
internal systems/networks internal perspective applications servers routers firewalls
PCI HIPAA GLBA
2006-2025 © Illumant, LLC. All Rights Reserved. 