Vulnerability assessments and scans - Open-source analyses - Network security assessments - Gap analyses - Physical security reviews - Software composition analyses - Source code reviews (where applicable)