It is in your best interests to protect your infrastructure and network. This where your most precious assets - data, trade secrets, etc - are stored. Hackers might be able to exploit mis-configurations of your network components or platform weaknesses to gain access to your network and steal your data. A breach can cost you dearly financially and and adversely affect your organization's reputation.
SPIguard can help you be secure. Our security consultants can perform a penetration test on your network and let you know of any vulnerabilities that may exist. You can then fix them before hackers find and exploit them.
The SPIguard Way
Our standardized approach to every engagement to ensures consistency and also minimizes the amount of time that you spend supporting our testing effort.
Step 1: Preparation and Discovery
- We review your network diagrams, determine which IP ranges are in-scope for the penetration test, provide an overview of our testing process, and discuss any special testing requirements.
- Defined IP addresses, address ranges or Internet domains are scanned using automated tools. Responses from any given IP address, service or port are recorded. During this phase, we often discover devices and services on our clients’ networks that were previously unknown to even them.
- Responses captured during the discovery phase are compared to databases of known response types (fingerprinting). Known ports and services are mapped, providing an initial target profile for subsequent test steps.
Step 2: Testing and Exploitation
- All targets on your network are probed for vulnerabilities using a variety of vulnerability scanning tools as well as targeted manual testing. Any critical vulnerabilities identified during the course of testing will be brought to your attention immediately so that remediation can begin right away
- Significant issues identified during the testing process are exploited in order to both demonstrate the vulnerabilities and better determine the level of risk posed by the issues. A wide variety of tools and techniques are used in this phase, depending on the nature of each vulnerability being exploited
Step 3: Reporting
- We take the results of both the automated and manual penetration testing and compile a consolidated custom-written report.
- The report will detail all vulnerabilities uncovered during the testing process along with severity levels and recommendations for how to remediate each vulnerability that was identified.
Step 4: Debriefing
- We will present all findings to executives and key stakeholders
- Our security consultants will answer all questions and explain the remediation advice provided in the report.
What Is Tested?
We test every component of your network thoroughly and cover all the areas such as:
The SPIguard Advantage
- Our security consultants are world-class. They have years of experience setting up and managing networks, and performing penetration tests.
- We use a proven testing methodology that incorporates a lot of manual testing and the best commercial/open-source testing tools.
- We do not just hand over a canned report from the tools. Our reports are custom-written and contain information that is relevant to your organization.
- You will have access to our security consultants who can advise you on the optimal solutions for your environment. At the end of every testing cycle, our consultants will go over all the identified issues with stake-holders from your organization.