Security Vulnerability Assessments

To request a security vulnerability assessment scan, please contact:

SecurityTeam-L@listserv.emory.edu.

The Security Team can perform a security vulnerability assessment(s) of your desktop(s), server(s), and infrastructure devices. These assessments identify potential risks and determine if vulnerabilities exist that could be compromised by hackers or tools.

We recommend that assessments be completed for:

  • New devices being placed on the network for the first time

  • A machine that has been compromised

  • A machine that was compromised and has been repaired (or operating system reinstalled)

  • Servers supporting critical Emory functions

  • Servers supporting sensitive applications and programs

  • Servers storing sensitive data including identity information, patient records, research data, etc

  • Web servers

In the majority of cases, the scan does not impact the machines' ability to function. During the scan, the requestor may see a pop-up window that advises a scan is being performed.

Upon request, the Security Team can complete a more invasive scan that utilizes the denial of service attack tools available on the scanning software. These types of scans may be considered prior to placing new or newly patched servers on the network. These scans are NOT performed routinely but rather on request only.

Scans can be scheduled for "one time" or established on a routine basis (monthly or quarterly).

The Security Team uses the Nessus Open Source Scanning tool to assess security vulnerabilities. Once the scan(s) has been completed, we provide you with a report of vulnerabilities along with the instructions to resolve the issue.