External Network Vulnerability Scan
Automated scanning of your internet-facing systems, with results manually reviewed by a consultant to remove false positives and prioritise real findings.
What is an external network vulnerability scan?
An external network vulnerability scan is an automated assessment of your internet-facing systems, such as websites, mail servers and remote access services. It identifies known vulnerabilities, exposed services and weak configurations that an attacker could reach from the internet.
What we cover
- Asset and service discovery: identifying reachable hosts, open ports and exposed services across your public IP ranges.
- Patch and vulnerability checks: detecting known vulnerabilities and missing updates on internet-facing software.
- Configuration weaknesses: highlighting insecure settings, default credentials and services that should not be publicly exposed.
- Encryption review: checking SSL/TLS settings, weak cipher suites and certificate validity.
- Manual review: a consultant reviews the scan output to remove false positives and confirm which findings are genuine.
Who needs it
Organisations with any systems exposed to the internet, including websites, VPNs and mail servers. It suits teams working towards compliance such as ISO 27001 or PCI DSS, and any business wanting regular visibility of its external attack surface.
What the process looks like
We confirm the scope in writing, then run the automated scan against the agreed external addresses. A consultant manually reviews the results to remove false positives and add context, then delivers a prioritised report with severity ratings, plain-language explanations and remediation guidance.