• Register
Home  //  Infosec Information Security  //  Penetration Testing
PDF
Print
E-mail

What is Penetration Testing?

Penetration testing is a controlled and managed simulation of an actual system intrusion. It gives you a realistic experience of an attempted break-in into your information system. During a penetration test, your security mechanisms as well as your intrusion detection and response capabilities are put to the test against a skilled, motivated attacker – only this time you have a complete insight in his thoughts and actions. This is a unique opportunity to get to know your enemy, without the damage you would sustain in a real attack.

Secunets Technologies team will target a point of entry via your network or application infrastructure’s “weakest link”, which may be visible to employees and partners in addition to external hackers. We then determine the business impact of gaining access to your network and its resources.  For each engagement, we work with you to define the attack profiles most appropriate for your organization.

External or Remote Network Penetration testing

This test mainly focuses on publicly available network resources that expose you to a network compromise. The penetration test may be performed with non or full discovery of the environment in question. Our testing includes a detailed analysis of routers, firewalls, email servers and web applications. The engagement would start with publicly accessible information about the client, followed by network enumeration.

Network enumeration allows us  to target hosts, and specific network security attacks. We would then assess the open ports, services and specific security vulnerabilities, and use that information to gain a foothold into the environment. After a foothold is established, escalation of privilege occurs until the external environment is controlled.

Onsite or Internal Network Penetration testing

Internal on-site penetration testing gives the business the assurance it needs to perform tasks safely on the internet . Internal assessments use a similar methodology to an external assessment, however the engagement will occur from within the WAN at each logical management zone, physical segment or simply attached to the DMZ.

To attach to an internal network requires a significant depth of knowledge in many areas. These areas are not limited to Policy, Architecture, Implementation and Auditing across multiple business units, operating systems and devices. We at Secunets Technologies have all of these skill sets.

Our typical Onsite or Internal network penetration test would include internal network port and vulnerability scans, onsite visits, review of your network architecture, industry best practices, and an on-site meeting to discuss the findings and answer any questions you may have. The security consultant may spend up to 2 or 3 days onsite evaluating current policies, procedures, the state of physical and network security, and conducting interviews. Each audit is tailored to the customer. Secunets Technologies team will work in your organization with the same rights as one of the users and try to gain access to the systems that should not be available at the user’s level of privileges. This test helps to establish how effectively your organization’s security access controls are deployed.

 

Follow us on Twitter

Thanks for visiting us today

mod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_countermod_vvisit_counter
mod_vvisit_counterToday165
mod_vvisit_counterYesterday131
mod_vvisit_counterThis week593
mod_vvisit_counterLast week789
mod_vvisit_counterThis month2717
mod_vvisit_counterLast month4405
mod_vvisit_counterAll days756692

Our partners in technology

Scroll Up