Vulnerability scans

Our penetration tests include vulnerability scans.

That said, in certain contexts, we understand that you may prefer to carry out a scan rather than a full penetration test.

It's important to note that a vulnerability scan is not a substitute for a penetration test; they are two different approaches, each providing additional information on the security status of your systems.

What we can

  • Internal network
  • Active Directory
  • External IPs
  • Websites and webapps
  • Cloud (AWS, Azure, etc.)
  • PCI DSS

Why perform

New vulnerabilities are discovered every day, putting your IT network at risk.

A scanning tool can automatically discover the vulnerabilities present on your networks and suggest the corrective measures to be implemented.

Certain security standards, such as PCI DSS, also require vulnerability scans. We use Tenable, one of the PCI-approved vendors.

The best approach is to carry out scans on a recurring basis: you'll be able to validate that patches have been made, and you'll be quickly informed if your network is affected by new vulnerabilities.

Here are the main differences between a vulnerability scan and a penetration test:
we go the extra mile

We go the extra mile

The role of a scanner is to find as many vulnerabilities as possible. That said, we understand that providing you with a report of 1,000 vulnerabilities to fix isn't going to help. Too much data is like not enough.

What we provide in addition to the scan results :

  • Vulnerabilities grouped together for easier, more efficient management.

  • In addition to classification by criticality, vulnerabilities are grouped by asset. Focus on your most important assets.

  • Report delivered via our platform for a smoother user experience than a PDF or excel report.

  • Our “no bullshit policy”: some vulnerabilities identified by scanning tools don't necessarily need to be dealt with, we'll give you the straight facts.

Whether we collaborate year-round or for a one-time project, you will feel like you belong to our team ( this is not coming from us as a comment 🤓 ). 

No client/vendor here, just humans working together to find solutions that make sense. 

We can't wait to talk solutions with you ;)

Why Yack?

First, for those of you who don't know, the yak is an animal. The energy it radiates (chill with its toupee, but we wouldn't want to piss it off with its horns...) represents us well, and the nerdiest among you might see the little nod to Linux 😉. Of course, Yack's resemblance to Hack is no mere coincidence. It's also a short, punchy name that, once again, sounds like us. Finally, it's a word that earns you 24 points in Scrabble (hello Office de la langue française). Why did you choose .one? In offensive security, all it takes is one attack..."
A little more about us

"Pourquoi Yack?

First, pour ceux qui ne le savent pas, le yack est un animal. L'énergie qu'il dégage (chill avec son toupet, mais on ne voudrait pas l'énerver avec ses cornes...) nous représente bien, et les plus nerds d'entre vous verront peut-être le petit clin d'œil à Linux 😉. Bien sûr, la ressemblance de Yack avec Hack n'est pas une simple coïncidence. C'est aussi un nom court, qui punch, et qui encore une fois, nous ressemble. Enfin, c'est un mot qui te rapporte 24 points au scrabble (bonjour office de la langue française). Pourquoi avoir choisi .one? En sécurité offensive, il suffit d'une (one) attaque..."
Un peu plus sur nous