Network & Cyber Security
Penetration and vulnerability testing is performed by our IT personnel using various network penetration applications and utilities. These applications and utilities give us the ability to assess specific information security threats, indicating how an attacker can get control of your valuable information assets. Our goals are to assess risk and to improve awareness of data security.
Unlike simple vulnerability scanners that only provide a snapshot of the current network configuration, we deploy multiple network penetration applications and utilities that allow us to safely exploit vulnerabilities in your network, replicating the kinds of access an intruder could achieve, and proving actual paths of attacks that must be eliminated.
All agents installed during both the external and internal tests will be safely removed, returning the compromised hosts to their normal state. We will provide a report detailing the hosts that were tested, vulnerabilities that were detected, and remediation measures recommended.
External Penetration Testing
External penetration testing focuses on discovery and penetration of the network from outside the network perimeter. We gather information pertaining to network access points to identify and target certain entry points.
Internal Penetration Testing
Internal penetration testing focuses on network vulnerabilities and opportunities to intercept information that can be used to exploit those vulnerabilities. This testing is done from inside the network perimeter. Many times, we will exploit weaknesses found in our external penetration test during the internal testing.
Wireless Penetration Testing
Wireless penetration testing focuses on vulnerabilities and opportunities to intercept information through wireless networks that can be used to exploit those vulnerabilities.
Web Application Penetration Testing
With software being increasingly deployed over the Internet, the threat of attacks specific to web applications is a growing concern. We use various tools to test the vulnerability of your web-based applications for the following attack types:
- SQL Injection Attacks
- Remote and Local File Inclusion Vulnerabilities
- Cross Site Scripting Vulnerabilities (XSS)
- Insecure Direct Object Reference Vulnerabilities
- Information Leakage and Improper Error Handling Vulnerabilities
- Insecure Cryptographic Storage Vulnerabilities
- Insecure Communication Vulnerabilities