Security Threat and Vulnerability Assessment Service

generic network product image

Price: No Cost

Unit of Measure: Usage Based

Pricing Type: No Charge

Billing Cycle: N/A

Service Lead: Bob Baskette


This service provides customers with information on the security threats and vulnerabilities that may exist in their environments. These services include basic advice/guidance. This level of service does not include on-site support to remediate vulnerabilities in the customer's environment.

Security Threat and Vulnerability Assessment Service includes the following options:

  • Cyber Intelligence Gathering - Commonwealth Security and Risk Management (CSRM) works with the FBI, law enforcement and third parties to gather cyber intelligence.  CSRM functions as a liaison between these entities and Commonwealth of Virginia (COV) agencies, localities and high education to disseminate this information to the appropriate parties.  This intelligence includes reports of web site defacements, keylogger infections, compromised accounts and known threats that may affect these entities.
  • Commonwealth Security Advisory - CSRM monitors the internet for new vulnerabilities that are discovered that affect products being utilized on COV systems.  Once patches for these vulnerabilities have been released, they are included in the weekly advisory.

  • Monthly vulnerability scan - CSRM performs monthly vulnerability scans of externally facing COV systems to determine vulnerabilities that need to be addressed with Commonwealth systems.  These scans provide information on missing patches and configuration issues.  The vulnerabilities that are identified are reported to the customer for remediation.

  • Monthly ISOAG meetings - CSRM holds monthly meetings for the Information Security community.  At these meetings, CSRM provides information on the most recent threat trends

These services are provided to all customers without a charge.

Customer obligations

To sign up for the Threat and Vulnerability Assessment services, the customer is required to provide  contact information for the person that is to be added to the ISOAG mailing list.  Contact information can be sent via email to

How to Order

For more information or to request service, please contact: 

Bob Baskette
Commonwealth Security and Risk Management 
Virginia Information Technologies Agency 
(804) 416-6038

Need help?

Send VITA Onestop an email: to collaborate or handle your order.