A vulnerability assessment is the process of identifying and calculating the severity of vulnerabilities across systems to help a firm better understand their risk posture. The result of a vulnerability assessment is a list of vulnerabilities that are typically prioritized by severity.
Vulnerability assessments are commonly performed by using automated testing tools such as web and network scanners. A vulnerability assessment can be performed on both the external or internal network. Vulnerability assessments can also be conducted on network device configurations.
If you have not performed a vulnerability assessment, or your security maturity level is low, or you have a high security maturity level and want to preserve and verify the current security posture, a vulnerability assessment is a great option.