Are you aware of what is happening in your Enterprise Network?
Penetration Testing (Pen-Test) is a practice to test your security by using the same techniques a hacker would you to compromise your network or devices. One of the best ways to measure the vulnerability to your systems either for malicious attack of perpetrating a fraud is to have an independent systems security professionals try and compromise your system.
We arrive with all the required equipment at your site and can be up and running as soon as the change control has been approved. Commercial, open-source, and internally developed tools are used to perform the controlled attack while logging and monitoring responses. These responses are analysed and recommendations are done to ensure that all critical points and data-paths are secured. Our experts use automated as well as manual techniques which include social engineering to locate weaknesses in the technical and business functional environment.
Test your own security by ‘hacking yourself’.– Adapted from CobIT
The SACS Penetration Testing service is designed to provide you with a comprehensive assessment of you logical security. We review your infrastructure as well as ingress and egress nodes which may lead to data leakage or increase a threat on your resources. Our experts provide complete analysis of your servers, workstations, network devices, wireless nodes, databases and web interfaces with associated vulnerabilities and cost effective compensating controls. We endeavor to use inherent and current security controls to lock down the infrastructure.
Penetration testing is considered one of the most rigorous testing methods for an infrastructure logical security and stability. Many audit methodologies recommend ‘hacking you own systems’ to determine the control.
- Experience: With numerous years of experience
- Value: We address all the risk with your current investment and inherent controls before any cost effective recommendations are done
- Trust: All our experts have been vetted and cleared. We perform additional controls and debriefing to ensure that your risk is managed at all phases of the project
- Knowledge transfer: We make sure that the knowledge is transferred to identified and elected staff.
As part of the process, we evaluate your Forensic Readiness in the event of an Incident. This includes ensuring that all security assessment and penetration testing evidence is logged and collated to a central repository.
We do not JUST use Vulnerability Assessment tools but rather use extensive human hacking skills to circumvent security controls. There are different levels of Penetration Testing and we understand that if your organization is under a targeted attack, you need to be able to defend yourself.
Contact SACS to obtain additional information of our framework and the post review process we have in place.