Share

Scoping Questionnaire: Threat Risk Assessment

Scoping Questionnaire: Threat Risk Assessment

Start the questionnaire below.

If you have any questions about the questionnaire process, feel free to speak to one of Canary Trap’s live agents using the chat widget below or contact us to book a consultation.

  • Gaining a clear understanding of your requirements

A Threat and Risk Assessment analyzes a software system for vulnerabilities, examines potential threats associated with those vulnerabilities, and evaluates the resulting security risks.

According to NIST SP800-30, a vulnerability is any “flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy.”

The level of threat is determined from the potential for any natural, human or environmental source to trigger or exploit any identified vulnerability. Canary Trap’s Threat Risk Assessment looks at both the probability of that threat occurring, and the impact on both system and organization should it occur. We will work through the appropriate strategies can then be implemented for each risk depending on the severity. This can include acceptance of the risk, adoption of a mitigation plan, or implementation of an avoidance strategy.

  • Contact Information

  • Questions/Requirements for Threat Risk Assessment

  • Document Upload

  • Drop files here or
    Accepted file types: pdf, doc, docx, Max. file size: 30 MB, Max. files: 5.
    • Canary Trap will request policy and procedure documentation if available as well other documentation related to the service, application or process. We will also conduct phone interviews with technical staff to gain an understanding of your organization, in order to identify threats, vulnerabilities and risks. We’ll make strategic recommendations to reduce your risk profile. This service can also be paired with a web application or network perimeter penetration test.
    • This field is for validation purposes and should be left unchanged.