One-off vulnerability scanning and subscription-based vulnerability management services designed to identify and track technical risk across your infrastructure.
2
Service Options
Portal
Managed Delivery
24hr
Response Time
Choose Your Service
Vulnerability Scanning
Point-in-time assessment of technical vulnerabilities across agreed in-scope systems for baseline assurance.
One-OffBaseline Assessment
View details →
Vulnerability Management
Scheduled vulnerability scanning combined with lifecycle tracking to maintain ongoing visibility of technical risk.
SubscriptionLifecycle Tracking
View details →
Portal Access
Detailed Reporting
Remediation Guidance
Direct Communication
Attestation Letters
All services are delivered subject to formal scoping, contractual agreement, and explicit authorisation.
Get in Touch
If you would like to discuss an assessment or understand how Nanorisk can support your organisation, please get in touch.
Vulnerability Scanning provides a point-in-time assessment of technical vulnerabilities across agreed in-scope systems.
The service is intended to help organisations establish a baseline understanding of exposure, validate security controls, or support specific assurance activities where ongoing scanning is not required.
How the Service Is Delivered
Vulnerability Scanning is delivered as a one-off engagement, formally scoped and authorised prior to execution.
Scanning activity is strictly limited to the systems and environments defined in the agreed scope. Assessments are conducted using industry-recognised vulnerability scanning technology, supported by appropriate configuration, validation, and review of results.
Reporting and Results
Results are made available through the Nanorisk Security Portal, providing clients with secure access to identified vulnerabilities and supporting information.
Findings represent a point-in-time view of the in-scope environment and do not include ongoing tracking unless the service is combined with a Vulnerability Management subscription.
Suitable For
Baseline security assessments
One-off assurance or validation
Due diligence activities
Limited-scope scanning requirements
Pricing
Pricing is based on defined scope and asset count.
Following an initial scoping discussion, a formal quote and Statement of Work are issued via the Nanorisk Security Portal.
Vulnerability Management
Overview
Vulnerability Management provides scheduled vulnerability scanning combined with lifecycle tracking, enabling organisations to maintain ongoing visibility of technical risk over time.
The service is delivered on a subscription basis and is designed to support structured remediation and risk management rather than isolated, ad-hoc scanning.
How the Service Is Delivered
Vulnerability Management engagements are delivered through the Nanorisk Security Portal, which acts as the central platform for scan scheduling, asset management, and vulnerability tracking.
Scan frequency is agreed during scoping and may be configured on a monthly, fortnightly, weekly, or daily basis, depending on the client's environment and risk profile.
All scanning activity is conducted strictly within an agreed and authorised asset scope.
Asset Bands
Asset bands define the number of in-scope scanning targets:
Band A: 1–25 assets
Band B: 26–100 assets
Band C: 101–500 assets
Band D: 501–1,500 assets
Band E: 1,500+ assets
An "asset" may include an IP address, host, cloud instance, container, or equivalent scanning target.
Scan Frequency Options
Monthly – One scheduled scan per month
Fortnightly – One scheduled scan every two weeks
Weekly – One scheduled scan per week
Daily – One scheduled scan per day
Asset-Centric Approach
Assets form the foundation of Vulnerability Management.
Client assets are onboarded into the portal and used to define scan scope and context. Identified vulnerabilities are linked to specific assets, enabling prioritisation and structured remediation planning.
Vulnerability Lifecycle Tracking
Vulnerability Management provides visibility across multiple scans, allowing clients to:
Track vulnerabilities over time
Mark findings as remediated or closed
Validate remediation efforts through subsequent scans
Identify recurring issues and trends
This approach supports ongoing risk management rather than isolated remediation activities.
On-Demand Validation
Where required, additional scans may be requested outside the regular scan schedule to validate remediation efforts or support change-driven assurance, subject to the agreed scope and subscription terms.
Reporting and Visibility
All scan results and historical data are available via the Nanorisk Security Portal, providing a centralised and auditable view of vulnerability status across the engagement.
Formal reporting reflects scheduled activity and supports ongoing visibility rather than single point-in-time assurance.
Suitable For
Organisations requiring ongoing visibility of technical risk
Internet-facing or frequently changing environments
Teams seeking structured remediation tracking
Security programmes moving beyond ad-hoc scanning
Pricing
Pricing is based on asset count, scan frequency, and delivery requirements.
Following an initial scoping discussion, a formal quote and Statement of Work are issued via the Nanorisk Security Portal.
Cookie Policy
This website uses a minimal number of cookies. We do not use analytics, tracking, or marketing cookies.
What cookies do we use?
The only cookies set on this website are by Google reCAPTCHA, which is used on our contact form to prevent spam submissions. These are classified as strictly necessary cookies required for the form to function securely.
reCAPTCHA Cookies
_GRECAPTCHA — used by Google reCAPTCHA to provide spam protection on the contact form
NID — a Google cookie used to remember preferences and provide functionality for reCAPTCHA
We do not store any personal data in your browser's local storage.
Third-Party Cookies
We do not use any third-party analytics, advertising, or social media tracking cookies.
Managing Cookies
You can control and delete cookies through your browser settings. Disabling cookies may affect the functionality of the contact form. For more information on managing cookies, visit allaboutcookies.org.
Contact
If you have questions about our use of cookies, please contact us at info@nanorisk.co.uk.