Computing systems and data must be protected from hackers and even insiders. The availability and integrity of data must be maintained, whatever the circumstances. Consumer privacy is now of the utmost importance given federal, state and local requirements. Simply put, the regulatory, legal, operational and reputational risks surrounding IT needs and data protection are far too high to take lightly.
Every year we perform many independent Network Penetration Tests and Vulnerability Assessments. And with many years’ experience in this arena, we’re able to offer top-tier analysis and testing services at cost-effective prices. Our reports are acknowledged for their clarity and their accessibility to non-specialists. Our penetration testing represents a method of evaluating the security of a client’s internal (local area network) computing systems and its Internet perimeter by simulating an attack by a person with malicious intent (e.g., a hacker, a disgruntled employee). The process involves an active analysis of these systems for any weaknesses, technical flaws or vulnerabilities. Our tests are carried out from the perspective of a potential attacker using grey hat hacking methodologies. Unlike an information security audit, which is based on external standards, a penetration test is of variable scope with the aim of compromising a target in any way possible via selective targeting.
Our process follows a structured methodology to ensure a safe and thorough execution. It employs a series of gradually escalating steps to minimize any risks inherent in such testing. Should anything abnormal become evident, the testing is suspended before any damage may be caused.
Our testing consists of four phases. We start with information gathering in the discovery phase, where public information is used to enumerate targets. In cases where such information is questionable or lacking, we conduct ping sweeps and restricted port scans to determine potential targets. Second, in the enumeration phase, once potential targets are identified, we obtain as much information as possible about each identified target.
Third, in the port scanning phase, we map the profile of the targets to publicly known vulnerabilities. Only appropriate vulnerability tests are applied to the target hosts (e.g., IIS vulnerabilities are not tested on Apache systems, firewall vulnerabilities are tested only on firewalls, etc.). In cases where the host is indeterminate, several tests for a wide range of vulnerabilities are used.
Finally, we attempt to exploit the identified vulnerabilities to penetrate the target systems. Note that we go beyond simply running a vulnerability scanner program and generating a canned report. In our testing we’ve been able to compromise clients’ critical systems more than 90% of the time. Note, too, that our policy is not to proceed without explicit permission from management if we see any risk of compromising system security.
Results are analyzed for false positives and for applicability to the client’s computing environment. Every attempt is made to ensure that the contents of each report are concise and relevant and that the scale and scope of the recommendations are realistic and achievable. Details regarding the exact timing of the tests are not disclosed to service provider employees. Denial of service and other potentially destructive attacks are not performed.
Copyright © 2024 Insight Risk Consulting - All Rights Reserved.