Penetration Test is a controlled network attack simulation that provides a snapshot of an organization's security posture as seen from a designated location, typically external. The result is the identification and documentation of specific exploitable vulnerabilities and risks within the organization's network. Analysis of these exposures provides an understanding of the organization's network security posture and validation of the need for an effective information security program.
Benefits
Provides an overview of existing and relevant exposures with detailed analysis of how these vulnerabilities could lead to ingress and exploitation of an organization's systems.
Tests and validates the effectiveness of security safeguards and controls currently in place.
Demonstrates the existing risks to an organization's networks and systems.
Justifies and enables a security program by raising awareness about corporate liability at all levels of the organization.
Details unauthorized data and server access using step-by-step descriptions.
Provides detailed remediation steps that can be taken to prevent future exploitation.
Standard Methodology
We utilize the same tools and techniques a malicious attacker would use, along with our proprietary technology and intellectual capital, to determine whether and how an attacker could penetrate a network and systems. The Penetration Test includes:
Project Initiation - defines rules of engagement and a project plan to ensure that scope, expectations, timelines and deliverables are appropriately managed.
Reconnaissance and Baselining - baseline testing of the target network and systems to determine what hosts and services are active.
Perimeter Testing - exploitation attempts to identify key vulnerabilities on perimeter systems.
Remote Exploitation - uses the access and information acquired during the perimeter testing to attempt to compromise the server(s) and internal system(s).
Data and Intelligence Gathering - collects and prioritizes data from the target systems and networks as obtained via exploitation.
Analyze Findings and Prepare Deliverable - analyzes the results and prepares a concise, detailed technical and management report.
The execution of this service takes up to 21 business days.
