In this paper, we introduce a method and a tool for systematically assessing the security of complex systems. We gather data from interviews, network documentation as well as active and passive network measurements and combine them in a semantic model with our tool, Graphingwiki. We tested our methodology on an active large-scale VoIP system. The multifaceted data gathering and analysis method was fast and extensive and proved to be effective in finding the weaknesses of the system. The method provided a repeatable method of measuring and ensuring the security of the system. The largest benefit of the method is in quick and efficient data collection from several, differing, data sources and the resulting analyses of the combined data.