Our sophisticated network security reviews and vulnerability testing can identify areas within your organization that are susceptible to potential financial loss, fines and penalties, customer security breaches, and unwanted negative publicity, amongst other things.

We utilize the latest commercially available software tools as well as proprietary, custom-designed hacking routines in an attempt to design and carry out attacks your system might be subjected to so that we can identify any vulnerabilities you might have. We focus our vulnerability analysis on nine key areas:

1. Disaster Recovery and Business Continuity Planning
2. Telecommunications, Network and Internet Security
3. Security Management Practices
4. Security Architecture
5. Access Control Systems and Methodology
6. Application Development Security
7. Operations Security
8. Physical Security
9. Cryptography

Our penetration testing services follow a three-tiered approach, consisting of Discovery, Assessment and Exploitation.

During the Discovery phase we attempt to discern as much information as we can about the topography of your network. One of the first steps we take is to do an external penetration test using commercial software and easily obtainable (public domain) information about your company. We determine whether or not you are paying attention to these attacks and reviewing the associated logs. All identified domain names and IP addresses are verified prior to moving on to the Assessment phase. We also complete “Whois” queries, zone transfers, ping sweeps, and traceroutes on several blocks of IP addresses. The traceroutes will help us identify routers, firewalls and gateways. We identify all connections to the Internet including some that may be unknown to network managers.

The Assessment phase identifies all security holes and vulnerabilities of your network. We document all target hosts, along with Operating System, IP Addresses, Applications, Banner Information and Known Vulnerabilities. This provides us with the amount of information a hacker can obtain about your company prior to compromising the network.

Once the Operating System is identified we tailor our list of port scans and develop a list of potential holes and vulnerabilities. Our port scanning is generally completed when your network is least busy to avoid disruption. Once we know the open ports, we connect to the ports and grab a banner to verify the applications that are running. Once a list of applications is developed, we determine which vulnerabilities exist, document them and download the exploit code (if applicable) for use in the next phase of our testing.

The Exploitation Phase may or may not be completed based on client objectives. We attempt to gain root or admin level access to the target systems. After we obtain unauthorized access to a remote system through the ability to execute a command on a target host or direct access to a user account, we document all relevant information and share it with the client so corrective action can be taken. At this point we can install a tool kit and continue to exploit the system by acquiring Unix password files or the Windows registry, or we can stop the process, dependent upon client wishes. If we load our tool kit, we return the system to normal after testing is complete.

We have significant experience and expertise completing NVA's and other security reviews for the financial services, banking, manufacturing, higher education, medical services, defense and transportation industries. Download a brochure on our NVA capabilities here: NVA Brochure