Penetration Testing Services
Test Your Defences Regularly
A security penetration test is a live assessment
of your security defences. Our team of specialists use
techniques and exploits that real-life hackers would use to
simulate the results of an attack.
Penetration testing helps an
organisation determine their level of network security
vulnerability and help identify weak elements that need to be
repaired. It can aid in evaluating an organisation's detection and
response capabilities and help determine whether the proper
controls are in place.
We have found that most networks have vulnerabilities
serious enough to allow the network to be completely compromised,
but that most of these vulnerabilities can be easily be identified,
addressed and corrected. For most organisations, the risks of not
identifying serious security flaws are unlimited and the losses can
be enormous.
In the same way that most software is beta tested by live
users, Security testing is an established technique for the live
testing of network security. Many organisations use Security
testing on a regular basis to continuously evaluate their security
status.
Quantix's consultants keep up-to-date with the most recent
exploits and vulnerabilities. Since new exploits are discovered
daily, IS managers and network security administrators need to be
continuously vigilant. Security testing is a valuable testing,
auditing and evaluation tool. For some organisations, network
security is an important marketing element. In these cases, having
a comprehensive audit by an outside third party, such as Quantix,
can provide a sense of objectivity and reliability to the
analysis.
Tests are not simulations but replicate actual
attacks, therefore, different levels of testing can be performed.
Non-invasive tests or attacks through to Crash or DoS tests
which have some impact
on operations.
What are the impact levels of testing?
-
Non-Invasive/passive Type (Operational Impact:
None)
- Gain Root - exploits that enable root
access
- Info Gathering - Information used to help gain
access
-
Invasive Type (Operational Impact:
Possible)
- Attack
- DoS - Denial of Service Crash
A Typical Testing
Process
- Passive
test first -
- Identify Existing
Vulnerabilities.
- Plan fixes and implement
- Re-test - prove vulnerabilities
resolved
- Harden server prior to invasive
tests
- Invasive
(may impact operations)
- Attack, DoS, Crash
- Ensure BCP is
obtainable/achievable
- Test backup/standby machineIdentify
& fix vulnerabilities
For more details on our Penetration and Security Testing
Services please Contact Us on 0870 240 6565.