You can’t fix vulnerabilities you don’t know about

Vulnerability Assessments

At Filament Information Security, our Vulnerability Assessment services identify, analyze, and help you address weaknesses across your environment before they can be exploited.

We combine automated scanning with expert review and contextual analysis to provide a clear, prioritized picture of your security posture, and practical steps to strengthen it.

Why Filament?

  • Nonprofit Costing: Get expert support at a lower cost from a fellow nonprofit.
  • Flexible Engagements: Schedules that fit your needs and timelines.
  • Experienced Professionals: Benefit from our team’s years of experience and industry certifications.

Identify and Prioritize Security Weaknesses

Vulnerability tools can produce hundreds of findings, but not all represent meaningful risk. Filament’s assessments go beyond automation by verifying and interpreting results, filtering out false positives, and focusing your attention where it matters most. The result is an actionable roadmap that supports both technical and leadership decision-making.

How It Works

  1. Scoping & Preparation
    Define the systems, IP ranges, or applications to be assessed, ensuring full clarity on objectives and permissions.
  2. Automated Vulnerability Assessment
    Our team conducts a comprehensive automated evaluation to identify vulnerabilities, misconfigurations, and missing patches.
  3. Analyst Review & Validation
    Each assessment is reviewed by a security analyst who validates key findings and removes irrelevant or false-positive results.
  4. Risk Context & Prioritization
    Findings are organized by severity (Critical, High, Medium, Low, Informational) and prioritized based on exploitability, impact, and asset importance.
  5. Reporting & Walkthrough
    You receive a clear, structured report and the option for a guided review session to discuss results and next steps.

 

Contents of the Report

  • Validated Findings
    Clean, verified results focused on actionable vulnerabilities.
  • Severity Ratings
    Standardized scoring (CVSS-based) to help prioritize remediation.
  • Affected Systems
    Identification of vulnerable hosts, applications, and services.
  • Exploit Awareness
    Indicators of known public exploits or active threat activity.
  • Technical Details
    Reference identifiers (e.g., CVE), affected software versions, and descriptions of the issue.
  • Recommended Remediation
    Vendor-supported patching, configuration, or mitigation guidance.

Meet the Team

Art Provost

Art Provost

Art, with 30 years of experience in Information Security across diverse roles, joined Filament in 2011 and holds multiple certifications, including CISSP, GSEC, GPEN, GWAPT, and CISM.

Tyler Malcom

Tyler Malcom

Tyler, who joined Filament in 2022, has a strong background in cyber defense and offensive operations from his time in the US Navy and holds CISSP and GSEC certifications.

Keri Kunkle

Keri Kunkle

Keri, who joined Filament in 2023, is a seasoned cybersecurity professional with experience in the US Marine Corps and Department of Defense, holding multiple certifications and advanced degrees in cybersecurity.

Learn More About Our Experts

Expert Help is On the Way

Schedule a Free Discovery Call

Explore your organization’s future with a quick conversation with Filament Information Security services.

Contact us today to learn more about how we can help you achieve your security goals.