We use cookies to give you the best experience and to help improve our website.

Find out more about how we use cookies Thanks for letting me know
Skip to main content
Jisc logo 0300 300 2212
  • Digital resources
    • Library support
      • Jisc Collections
      • Archives Hub
      • Copac
      • Journal Usage Statistics Portal
      • The Keepers Registry
      • Knowledge Base+
      • OpenURL Router
      • SUNCAT
      • Zetoc
      • How we support e-resources management
    • Learning and research resources
      • Citizen Maths
      • Digimap Collections
      • Digimap for Colleges
      • e-books for FE
      • Hairdressing Training
      • Health and social care training Beta
      • Historical Texts
      • Journal Archives
      • Learning analytics Beta
      • Learning on Screen
      • MediaPlus
    • Open access
      • CORE
      • IRUS-UK
      • Monitor Local
      • Monitor UK
      • OpenDOAR
      • Publications Router
      • Repository technical support
      • SHERPA services
      • UK ORCID consortium membership

    Jisc Collections

    We negotiate with publishers, on behalf of the UK higher education sector, to procure and license affordable digital content

  • Network & technology
    • Connectivity
      • Janet Network
      • eduroam
      • Domain registry
      • Govroam
      • IP address assignment
      • Janet Network aurora2
      • Netpath
      • Netsight
      • Network time service (NTP)
      • Managed router service
      • Off-site resolver
      • Primary nameserver service
      • Routers and switches framework
      • Secondary nameserver service
      • Telecommunications framework
    • Cloud
      • Board and committee papers framework
      • Co-location service
      • Data archiving framework
      • GÉANT IaaS framework
      • G Suite for Education
      • Microsoft Azure ExpressRoute
      • Microsoft Office 365
      • Shared data centre
    • Cyber security
      • DDoS mitigation
      • Email advice and testing
      • Penetration testing
      • Janet Network CSIRT
      • Mailer shield
      • Safe Share
      • Security blacklists and whitelists
      • Simulated phishing and associated training
      • Vulnerability assessment and information service
      • Web filtering and monitoring
    • Trust and identity
      • Assent
      • Certificate service
      • Liberate
      • UK Access Management Federation
    • Videoconferencing and communications
      • JiscMail
      • Janet txt
      • Online surveys
      • Telephony purchasing service
      • Vscene
  • Advice
    • Training
      • Digital leaders programme - higher and further education
      • Making your digital collections easier to discover
      • Workshop to Raise Awareness of Prevent (WRAP)
      • + explore all training
    • Guides
      • Data and analytics guides
      • Digital literacy guides
      • Open access guides
      • Research data guides
      • + explore all topics
    • Consultancy
      • Addressing online safety needs
      • Digital strategy review
      • Infrastructure review
      • + explore all consultancy

    GDPR

    Practical resources to help prepare you for the new General Data Protection Regulation legislation.

    Financial X-ray

    Compare and analyse the full cost of your IT services.

  • R&D
    • Projects
      • Data and analytics projects
      • Digital literacy projects
      • Infrastructure projects
      • Research data projects
      • + explore all topics
    • How we innovate
      • Co-design
      • 2016-17 consultation
      • - Challenge areas
      • Visions
    • R&D in numbers
    • Get involved
    • Future trends

    Take part in our student ideas competition

    Send us your ideas on how to improve life in education using technology. Closes 30 April 2018.

  • Digital resources
    • Library support
      • Jisc Collections
      • Archives Hub
      • Copac
      • Journal Usage Statistics Portal
      • The Keepers Registry
      • Knowledge Base+
      • OpenURL Router
      • SUNCAT
      • Zetoc
      • How we support e-resources management
    • Learning and research resources
      • Citizen Maths
      • Digimap Collections
      • Digimap for Colleges
      • e-books for FE
      • Hairdressing Training
      • Health and social care training Beta
      • Historical Texts
      • Journal Archives
      • Learning analytics Beta
      • Learning on Screen
      • MediaPlus
    • Open access
      • CORE
      • IRUS-UK
      • Monitor Local
      • Monitor UK
      • OpenDOAR
      • Publications Router
      • Repository technical support
      • SHERPA services
      • UK ORCID consortium membership
  • Network & technology
    • Connectivity
      • Janet Network
      • eduroam
      • Domain registry
      • Govroam
      • IP address assignment
      • Janet Network aurora2
      • Netpath
      • Netsight
      • Network time service (NTP)
      • Managed router service
      • Off-site resolver
      • Primary nameserver service
      • Routers and switches framework
      • Secondary nameserver service
      • Telecommunications framework
    • Cloud
      • Board and committee papers framework
      • Co-location service
      • Data archiving framework
      • GÉANT IaaS framework
      • G Suite for Education
      • Microsoft Azure ExpressRoute
      • Microsoft Office 365
      • Shared data centre
    • Cyber security
      • DDoS mitigation
      • Email advice and testing
      • Penetration testing
      • Janet Network CSIRT
      • Mailer shield
      • Safe Share
      • Security blacklists and whitelists
      • Simulated phishing and associated training
      • Vulnerability assessment and information service
      • Web filtering and monitoring
    • Trust and identity
      • Assent
      • Certificate service
      • Liberate
      • UK Access Management Federation
    • Videoconferencing and communications
      • JiscMail
      • Janet txt
      • Online surveys
      • Telephony purchasing service
      • Vscene
  • Advice
    • Training
      • Digital leaders programme - higher and further education
      • Making your digital collections easier to discover
      • Workshop to Raise Awareness of Prevent (WRAP)
      • + explore all training
    • Guides
      • Data and analytics guides
      • Digital literacy guides
      • Open access guides
      • Research data guides
      • + explore all topics
    • Consultancy
      • Addressing online safety needs
      • Digital strategy review
      • Infrastructure review
      • + explore all consultancy
  • R&D
    • Projects
      • Data and analytics projects
      • Digital literacy projects
      • Infrastructure projects
      • Research data projects
      • + explore all topics
    • How we innovate
      • Co-design
      • 2016-17 consultation
      • - Challenge areas
      • Visions
    • R&D in numbers
    • Get involved
    • Future trends
Close search results

  • Give feedback
  • Membership
  • News
  • Events
  • Jobs
  • About
  • Contact
  • Home
  • Network & technology
  • Cyber security
  • Vulnerability assessment and information service
Service

Vulnerability assessment and information service

Detects and manages internal and external vulnerabilities within your IT estate, helping you to manage your security risks, compliance and quality.

For enquiries contact:

  • 0345 272 0900
  • vulnerability.assessment@jisc.ac.uk
  • Visit the community pages

About the vulnerability assessment and information service

Following a rigorous Official Journal of the European Union (OJEU) competitive tender process, we chose Khipu Networks to provide the following services:

  • Vulnerability assessment: provides automated, predetermined security vulnerability assessments of your IT assets
  • Vulnerability management: produces reports which verify IT assets against new vulnerabilities and provide measurable information on improved IT security
  • Vulnerability information: keeps track of announcements, vulnerabilities and patches in your IT infrastructure

If you require manual penetration testing, we provide this through our penetration testing service.

How to apply

To apply, contact Khipu Networks by email vulnerability.assessment@jisc.ac.uk or call 0345 2720900. 

Details of the framework agreement can be found in the vulnerability assessment and information services framework buyers’ guide.1

Email Khipu Networks

Key features and benefits

  • Improved security
    Meets the highest security standards and is ISO9001 and ISO27001 certified. Helps your organisation to detect vulnerabilities such as Heartbleed and Shellshock.
  • Tailored service
    Meets the needs of the UK education and research sector. Offers you the flexibility to scan your own networks and generate bespoke reports on known security vulnerabilities specific to your systems.
  • Easy installation
    Easy to implement and integrate with existing IT systems, enabling you to analyse your IT network devices, identify security vulnerabilities and resolve security issues.
  • Compliance
    Automatically verifies whether your IT security policies are followed and implemented through compliance and secure configuration modelling. By identifying and resolving vulnerabilities on your network, the service helps your organisation reduce the risk of information security breaches and associated costs. The service is able to scan public-facing IP addresses for PCI DSS (Payment Card Industry Data Security Standard) compliance and can be accredited by an ASV (Approved Scanning Vendor) if required.
  • Saved purchasing time
    We selected Khipu Networks following a rigorous tender process, saving you time and money so you don’t have to undertake your own procurement exercise.

Eligibility

The service is available to UK higher education (HE) institutions, further education (FE) colleges and research councils.

Services are also provided to other organisations, such as local authorities, which work in the areas of education, training or research.

Further information

The service is provided by Khipu Networks.

Find out more by visiting the Vulnerability assessment and information service community pages

Service level description

Service packages

These services are combined into four different packages. The first three are provided as managed services and the fourth is a self-managed approach where Khipu Networks provide maintenance and support:

  • PCI-DSS scan - scanning of named public facing IP addresses for PCI compliance with self-assessment or PCI-DSS ASV certification through a centrally hosted solution
  • External and URL scan - scanning public facing IP addresses and website URLs through a centrally hosted solution
  • Internal scan - scanning of internal assets through a deployed device/sensor or tunnelled connection
  • Supported appliance - includes all other packages except PCI-DSS ASV using a deployed appliance supported by Khipu Networks.

You can select which of these four packages will best meet your organisation’s requirements.

In addition, members taking any of these services will also benefit from access to a comprehensive vulnerability information service that helps to keep track of announcements, vulnerabilities and patches about your IT infrastructure environment.

Service package costs

Please contact Khipu Networks or your Jisc account manager for more information.

Hours of service

Khipu Networks standard support hours are 09:00 – 17:30.  However each service offer can have any level of support from standard office hours to 24/7 for fully managed services. Khipu Networks will work with individual members to ensure the service level meets their requirements.

ISO9001 with UK National Accreditation

This service is included within the scope of our ISO9001 certificate.

Read more about International Organisation for Standardisation (ISO) standards and view Jisc certificates.

Footnotes

  • 1 You will need to request membership to access the guide

Useful links

  • Staff directory
  • Find your account manager
  • Sign up for email updates
  • Website information
  • Modern slavery statement
  • Privacy
  • Youtube
  • Facebook
  • Instagram
  • Linkedin
  • Twitter
  • @Jisc
  • Analysis from @timeshighered’s data team suggests big differences among disciplines in the amount of scholarship th… https://t.co/0nNB2VmBvT
Digital resources
  • Library support
  • Learning and research resources
  • Open access
Network & technology
  • Connectivity
  • Cloud
  • Cyber security
  • Trust and identity
  • Videoconferencing and communications
Advice
  • Training
  • Guides
  • Consultancy
R&D
  • Projects
  • How we innovate
  • R&D in numbers
  • Get involved
  • Future trends
Creative Commons Attribution-NonCommercial-NoDerivs 2.0 UK: England & Wales
This work is licensed under CC BY-NC-ND
About using our content