Risk assessment will conduct physical environment assessments, network architecture analysis, vulnerability scans, security baseline checks, penetration tests, and security management assessments of information systems. The specific assessment mainly includes:

• Safety physical environment assessment: Mainly checks infrastructure such as physical location selection, temperature and humidity, electricity supply, air conditioning systems, and fresh air systems in the client's computer room.
• Network architecture analysis: By examining the customer's network architecture, problems are found and suggestions for improvements where it is inappropriate.
• Vulnerability scanning: Vulnerability scanning mainly uses automated vulnerability scanning tools to remotely scan hosts, network security devices, and databases.
• Security baseline checks: Security baseline checks mainly use automated security configuration audit tools to check whether the security configurations of hosts, network security devices, databases, and middleware meet security baseline requirements.
• Penetration testing: Penetration testing mainly simulates the techniques and behavior of attackers, tests security attacks on the system, digs deep into system vulnerabilities, and finds more serious security problems in the system.
• Safety management assessment: Check the customer's problems in safety management and suggest suggestions or measures for improvement.