Security Assessment


InfoDefense offers a wide range of security assessment services that are designed to identify vulnerabilities and remediation guidance.

Our Security Assessment services include system vulnerability assessments, penetration testing, red team exercises, information risk assessments and security program evaluations.
CMMC Assessments

CMMC Assessments


Protect Compliance Icon

CMMC/NIST SP 800-171 Gap Analysis

Now that you know which CMMC level your business requires, the next step is a CMMC Gap Analysis that determines your adherence to each requirement. Once complete, the analysis will detail each requirement and determine if your organization is prepared to meet compliance for it.
Contract Icon

CMMC Pre-Assessment

The CMMC Pre-Assessment helps ensure that you've remediated any outstanding practices or processes found in your Gap Analysis, verifying 100% compliance before the auditing process takes place.

CMMC/NIST SP 800-171 Gap Analysis

Now that you know which CMMC level your business requires, the next step is a CMMC Gap Analysis that determines your adherence to each requirement. Once complete, the analysis will detail each requirement and determine if your organization is prepared to meet compliance for it.

CMMC Pre-Assessment

The CMMC Pre-Assessment helps ensure that you've remediated any outstanding practices or processes found in your Gap Analysis, verifying 100% compliance before the auditing process takes place.


Internet Exposure Assessment

The Internet Exposure Assessment identifies security gaps in your firewall and Internet-accessible servers. During an Internet Exposure Assessment, InfoDefense security experts perform a test to identify firewall and Internet-exposed server vulnerabilities. Our consultants then review vulnerabilities with you to provide remediation guidance.

Exposure Assessment Icon

Internet Exposure Assessment

The Internet Exposure Assessment identifies security gaps in your firewall and Internet-accessible servers. During an Internet Exposure Assessment, InfoDefense security experts perform a test to identify firewall and Internet-exposed server vulnerabilities. Our consultants then review vulnerabilities with you to provide remediation guidance.

Vulnerability Assessment

The Vulnerability Assessment assesses corporate network devices for flaws such as missing security updates and configuration errors. During a vulnerability assessment, our security experts test the local-area and wide-area networks for known vulnerabilities. Tests include servers, workstations and network devices. As with all of our assessments, we not only summarize our findings, but we make recommendations to resolve each vulnerability we find.

Vulnerability Test Icon

Vulnerability Assessment

The Vulnerability Assessment assesses corporate network devices for flaws such as missing security updates and configuration errors. During a vulnerability assessment, our security experts test the local-area and wide-area networks for known vulnerabilities. Tests include servers, workstations and network devices. As with all of our assessments, we not only summarize our findings, but we make recommendations to resolve each vulnerability we find.

Penetration Testing

Discover if your web applications, critical systems, offices or employees are susceptible to attack. The penetration test is designed to not only identify vulnerabilities, but also exploit them in a controlled manner. Because of the potential disruption to production operations, penetration tests are often performed on quality assurance or staging systems rather than production systems.

Penetration Testing Icon

Penetration Testing

Discover if your web applications, critical systems, offices or employees are susceptible to attack. The penetration test is designed to not only identify vulnerabilities, but also exploit them in a controlled manner. Because of the potential disruption to production operations, penetration tests are often performed on quality assurance or staging systems rather than production systems.

Enterprise Information Security Review

The Enterprise Information Security Review is our most comprehensive security controls assessment. This service identifies not only technical, but also business process security gaps. InfoDefense uses its proprietary assessment methodology, based on time-tested industry standards, to ensure reliable results.

Security Review Icon

Enterprise Information Security Review

The Enterprise Information Security Review is our most comprehensive security controls assessment. This service identifies not only technical, but also business process security gaps. InfoDefense uses its proprietary assessment methodology, based on time-tested industry standards, to ensure reliable results.

Human Risk Assessment

Determine how susceptible your employees are to phishing emails, social engineering and other attacks. Our Human Risk Assessment services include phishing, phone-based social engineering, onsite simulated attack exercises and other assessments that test employee vigilance. Results can justify security awareness investments.

Human Risk Assessment Icon

Human Risk Assessment

Determine how susceptible your employees are to phishing emails, social engineering and other attacks. Our Human Risk Assessment services include phishing, phone-based social engineering, onsite simulated attack exercises and other assessments that test employee vigilance. Results can justify security awareness investments.

Maintain eligibility for DoD contracts.

Our security experts provide a free tool to assess your organization's compliance with NIST SP 800-171 or CMMC Level 3.

CMMC LEVEL 3 Self-Assessment Tool

NIST SP 800-171 Self-Assessment Tool

CMMC NIST Compliance Tool Illustration

Maintain eligibility for DoD contracts.

Our security experts provide a free tool to assess your organization's compliance with NIST SP 800-171 or CMMC Level 3.

CMMC LEVEL 3
Self-Assessment Tool

NIST SP 800-171
Self-Assessment Tool

Reach out to schedule an introductory call.

Reach out to schedule an introductory call.