The vulnerability scan is utilised on two steps of the Cyber Essentials Plus certification process (scans are not used as part of the Cyber Essentials certification process, which relies on a self-assessment questionnaire).
Initially, vulnerability scans are used to assess all the external-facing devices used in the infrastructure (firewalls, routers, servers, services etc.) and then later on the internal vulnerability scan to assess the sampled endpoints.
We highly recommend URM to any business looking to achieve Cyber Essentials or Cyber Essentials Plus certification—their expertise and customer service are second to none!
IT support company
Do you know where your greatest vulnerabilities sit?
Find out through a Cyber Security Headline Assessment
Find out more
related BLog
Understanding Defence Cyber Certification (DCC)
Published on
29 May
2026
URM’s blog explains how the DCC works, who needs it, the benefits of certification, with clear guidance on how to approach compliance and avoid common mistakes.
Read more
Cyber Security
Published on
22/5/2026
Cyber Security and the Board: The UK Cyber Resilience Pledge in FocusURM’s blog explains the purpose, structure and content of the Government’s new Cyber Resilience Pledge, and what it means for organisations across the UK.
Read more
Cyber Security
Published on
16/4/2026
Mitigating Cyber Risks: Why Cyber Essentials Matters More Than EverURM’s blog highlights the growing threat to cyber security in the UK and the importance of the Cyber Essentials scheme in mitigating these risks.
Read more
Cyber Security
Published on
16/4/2026
Cyber Essentials Requirements UpdateURM’s blog breaks down the latest changes to the Cyber Essentials requirements and outlines why these updates matter for organisations seeking certification.
Read more
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.