Automated Vulnerability Assessment (AVA)

Manual penetration testing, although highly valuable, is often conducted on an annual or in-frequent basis. Over the course of a year, new vulnerabilities will emerge which may not be visible to security managers until their next manual test. The purpose of AVA is to provide more frequent assurance on the security of a client’s internet-facing infrastructure.

Running AVA can act as a back-up for your change control procedures making sure administrational changes don’t expose security weaknesses on your internet-facing systems.

The AVA report is valuable from both a management and technical perspective. The report details changes and on-going trends in your security posture as well as thorough and understandable technical advice for issue remediation.

The AVA service model is broken down into three distinct services as outlined below:

Level of Service   Level of AutomationFalse Positive CheckingHost ReconnaissanceFrequency of ScansTest Window
SilverFully automatedNoneNoneMonthlyDefined by Context
GoldSemi-assisted by consultantFalse positive checking of:
Critical issues
High issues
YesFortnightlyRequested by customer, defined by Context 
PlatinumConsultant AssistedFalse positive checking of:
Critical issues
High issues
Medium issues
YesWeeklyDefined by customer

To discuss this service in more detail please call + 44 (0)207 5377515 or email

© Copyright 2013 Context Information Security