Vulnerability Assessment

IT workers discussing OnX Canada vulnerability assessment


Pinpoint the Gaps in Your Cyber-Resiliency Program


When you’re unable to dedicate the certified resources needed to manage cybersecurity risks, how do you protect your company’s vital digital assets, precious data and brand reputation? When you’re fending off hacker intrusions, how do you focus on your core business if you are unable to determine where a persistent adversary may strike? When your annual compliance review requires documented testing of your network’s weaknesses, how do you ensure you are properly managing information security risk to your environment, and previous digital assets?

The Vulnerability Assessment is a rigorous testing regimen that examines your IT environment and digital assets to identify weaknesses, analyze risk, and find the optimum path to a resilient information security posture.

OnX offers a leading edge Vulnerability Assessment (VA) service to address these areas of concern. The OnX VA is a rigorous testing regimen that examines your IT environment to identify weak points, analyze potential risks, and help define the most effective strategy to a resilient security posture.

Our VA examines your:

  • Network infrastructure. Identify and mitigate risk to prevent attacks from cascading throughout your entire IT environment.
  • Critical assets. Protect facilities, systems, and equipment that would cripple your company if lost to a cyber attack.
  • Wireless networks. Don’t give hackers a Wi-Fi back door into your systems.
  • Web applications. Nine-tenths of all vulnerabilities are at the application layer. We can help you lock any doors in your source code before hackers find them.

OnX Vulnerability Assessments Tailored for Your Business

The OnX Vulnerability Assessment, or VA, documents the weaknesses in your IT environment —identifying known and unknown risks, and recommending procedures to either mitigate or reduce risks. Our VA is ideal for organizations that:

  • Do not have the in-house staff, expertise, or budget to complete a robust VA.
  • Lack the time required to perform a VA thoroughly.
  • Aren’t sure where to start in complying with cybersecurity regulations.
  • Need a VA to pass their annual regulatory compliance reviews.
  • Prefer to have an impartial third party conduct their Vulnerability Assessment.

OnX Vulnerability Assessments Help You:

  • Comply with regulatory requirements demanding Vulnerability Assessments.
  • Discover new potential attack vectors and target higher-risk vulnerabilities.
  • Test the effectiveness of your cyber defenses.
  • Evaluate the business and market risks of a major cyber-attack.
  • Justify cost of investing in robust network security.
  • Increase competitive advantage and build trust with clients
  • Mitigate cyber risks and create empirical data to validate compliance with regulations and best practices such as HIPAA, PCI, CIS Top 20 CSC, NIST SP 800-53, ISO 27000 Series, SOX and similar standards.

Supported Technologies

Vulnerability Assessments can examine environments including wireless, network, web and applications.

Our Six-Point Process

OnX services such as 24×7 enterpriseclass monitoring, managed backups and DR testing and documentation help you:

  1. Documentation review. Our team collects your policies, procedures, rules, configurations, layouts, network diagrams, architectures, and other available relevant information.
  2. Interviews. We talk to key personnel to enhance the effectiveness of your testing plan.
  3. Inspection. We monitor your IT environment, document any issues that arise, and assess compliance with regulations and best practices.
  4. Vulnerability research. We gather all the data from the first three stages and evaluate systems gaps to enhance test execution.
  5. Execution. We perform the full Vulnerability Assessment.
  6. Vulnerability report. Detailed analysis includes recommendations for strengthening your security posture.


  • Vulnerability Assessment report
  • Presentation of results and recommendations

Why OnX

OnX security SMEs have more than 15 years of cyber defense experience and extensive training in ethical hacking. They belong to (ISC)2, ISACA, SANs, Cisco and many other IT security organizations, and they hold certifications including CISSP, CISM, CEH, CHFI, PMP, CCIE, among others.

OnX uses lean Vulnerability Assessments — examining only the areas you really need and ensuring more cost-effective results.

All these strengths build on our three-decade track record for providing unmatched enterprise IT and data center expertise, focusing on business outcomes, throughout North America.