About Vulnerability Management & Assessment

The Department of Technology offers subnet scans and a PDF report of the results to client departments as a generally funded service. The results will then be expunged from our system to make the service available to all departments.

Enhanced Vulnerability Assessment services allow for continuous scanning as a paid service. Continuous scanning includes persistent customized scan configurations that meet a variety of scenarios and needs. Please contact DT Security to discuss your options.

The San Francisco Department of Technology provides the following Vulnerability Management features:

  • Real-time network monitoring
  • Scheduled and Distributed Scanning
  • Compliance reporting
  • Single Management and Reporting Console
  • Remediation Recommendations


What is Vulnerability Assessment & Monitoring?

A vulnerability assessment is the process of identifying, quantifying, and prioritizing the vulnerabilities present in a system. Assessments are typically performed according to the following steps:

  • Cataloging assets and capabilities in a system
  • Assigning quantifiable value, rank order or importance to those assets
  • Identifying the vulnerabilities or potential threats to each asset
  • Mitigating or eliminating the most serious vulnerabilities for the most valuable resources

When is Vulnerability Assessment & Monitoring most effective?

Though it can be useful at any point in an event lifecycle, vulnerability assessment is best performed before an event occurs.