SPOT CHECK PENETRATION TEST SPOT CHECK PENETRATION TEST SECDATA.COM FOR MORE INFORMATION PLEASE CONTACT US T: +44 (0)1622 723400 | E: [email protected] SERVICE DESCRIPTION Recent high profile hacks have shown that hackers exploit common vulnerabilities using well understood and documented techniques. Every organisation is a target, even those without high value information assets. Compromised systems are a valuable commodity. They are often used to amplify DDoS attacks, act as a jump point for hacking other businesses and to send spam or host illegal content. Cybercriminals will scour the Internet for vulnerable systems and organisations with weak IT security. It is important to identify your weaknesses before cybercriminals do. As part of our comprehensive portfolio of Security Assessment Services, a Spot Check Penetration Test attempts to identify and compromise vulnerable systems. Working under strict ethical guidelines SensePost, SecureData’s ethical hackers simulate an attack from the perspective of a hacker. SensePost use all the skills and resources at their disposal to compromise the system or application under review. We start by conducting a vulnerability scan against the target using a combination of commercial and proprietary tools. The results of the scans are reviewed and vetted by an expert analyst and any false positives are removed. Where possible, vulnerabilities are exploited to prove their validity. We’ll then provide a detailed report outlining all the vulnerabilities discovered, prioritised by risk, as well as the recommended remediation steps. Our detailed findings provides the information you need to prevent a real hacker compromising your business. KEY BENEFITS • Reduce risk of attack: Mimicking real hacker behaviours provides a higher level of assurance • Comprehensive assessment: Exhaustive, multi-layered vulnerability assessment using a combination of tools and techniques • Discover all your vulnerabilities: Exploring all potential vulnerabilities and attack methods increases the likelihood of finding potential security issues • Prioritise your risks: False positives are eliminated by expert analysts, with reporting focused on the issues that matter the most to your organisation • Tailored approach: Our ethical hackers simulate cybercriminals, identifying security issues beyond the capability of automated tools KEY SERVICE FEATURES • Test performed by ethical hackers: SecureData’s security analysts apply 17 years of ethical hacking experience to deliver a detailed security assessment of your external environment or web application • Comprehensive scanning tools: We apply a combination of seven best-of-breed scanning tools, SecureData custom-developed tools and expert human verification • Vulnerability verification: Assessment results are verified against known vulnerability databases and attack methods to ensure all possible security issues are explored • Detailed analyst reporting: Our ethical hackers review all false positives to present: • Executive summary of findings with recommendations, risk summary and network health assessment • Detailed information on vulnerabilities prioritised by ease of exploit and potential impact • Detailed and prioritised recommendations for risk mitigation • Tailored to your organisation: Our assessment techniques adapt according to the findings from our initial vulnerability scans TECHNICAL COMPONENTS • The Spot Check Penetration Test can be performed on any external IP address or unauthenticated web application • The test is conducted remotely for a period of four days on either ten IP addresses or one application as designated by the client • Fully compliant with relevant industry standards, including OSSTMM, NIST and OWASP ASVS testing guides A SSESS
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
SPOT CHECK PENETRATION TEST
SPOT CHECK PENETRATION TEST
SECDATA.COMFOR MORE INFORMATION PLEASE CONTACT US T: +44 (0)1622 723400 | E: [email protected]
SERVICE DESCRIPTION Recent high profile hacks have shown that hackers exploit common vulnerabilities using well understood and documented techniques. Every organisation is a target, even those without high value information assets. Compromised systems are a valuable commodity. They are often used to amplify DDoS attacks, act as a jump point for hacking other businesses and to send spam or host illegal content. Cybercriminals will scour the Internet for vulnerable systems and organisations with weak IT security. It is important to identify your weaknesses before cybercriminals do.
As part of our comprehensive portfolio of Security Assessment Services, a Spot Check Penetration Test attempts to identify and compromise vulnerable systems. Working under strict ethical guidelines SensePost, SecureData’s ethical hackers simulate an attack from the perspective of a hacker. SensePost use all the skills and resources at their disposal to compromise the system or application under review.
We start by conducting a vulnerability scan against the target using a combination of commercial and proprietary tools. The results of the scans are reviewed and vetted by an expert analyst and any false positives are removed. Where possible, vulnerabilities are exploited to prove their validity. We’ll then provide a detailed report outlining all the vulnerabilities discovered, prioritised by risk, as well as the recommended remediation steps. Our detailed findings provides the information you need to prevent a real hacker compromising your business.
KEY BENEFITS• Reduce risk of attack: Mimicking real hacker
behaviours provides a higher level of assurance • Comprehensive assessment: Exhaustive,
multi-layered vulnerability assessment using a combination of tools and techniques
• Discover all your vulnerabilities: Exploring all potential vulnerabilities and attack methods increases the likelihood of finding potential security issues
• Prioritise your risks: False positives are eliminated by expert analysts, with reporting focused on the issues that matter the most to your organisation
• Tailored approach: Our ethical hackers simulate cybercriminals, identifying security issues beyond the capability of automated tools
KEY SERVICE FEATURES• Test performed by ethical hackers: SecureData’s
security analysts apply 17 years of ethical hacking experience to deliver a detailed security assessment of your external environment or web application
• Comprehensive scanning tools: We apply a combination of seven best-of-breed scanning tools, SecureData custom-developed tools and expert human verification
• Vulnerability verification: Assessment results are verified against known vulnerability databases and attack methods to ensure all possible security issues are explored
• Detailed analyst reporting: Our ethical hackers review all false positives to present:• Executive summary of findings with recommendations, risk summary and network health assessment
• Detailed information on vulnerabilities prioritised by ease of exploit and potential impact
• Detailed and prioritised recommendations for risk mitigation
• Tailored to your organisation: Our assessment techniques adapt according to the findings from our initial vulnerability scans
TECHNICAL COMPONENTS • The Spot Check Penetration Test can be performed on any external
IP address or unauthenticated web application
• The test is conducted remotely for a period of four days on either ten IP addresses or one application as designated by the client
• Fully compliant with relevant industry standards, including OSSTMM, NIST and OWASP ASVS testing guides
ASSESS
SECDATA.COMFOR MORE INFORMATION PLEASE CONTACT US T: +44 (0)1622 723400 | E: [email protected]
SPOT CHECK PENETRATION TEST
WHY SECUREDATA Outstanding expertiseOur Spot Check Penetration Tests are performed by SensePost, SecureData’s elite consulting arm. With 17 years’ ethical hacking experience they simulate real-world hacker behaviour using cutting-edge tools and techniques. These expert analysts think like the bad guys, ensuring your security defences are proportionate to the threat.
Flexible deliveryInitiating a Spot Check Penetration Test is fast and simple, with minimal setup and scoping required. The results of the test can dramatically reduce your security risk with no disruption to business-as-usual.
Complementary servicesWe offer a broad range of services that complement our Spot Check Penetration Test and improve your security posture, including Internal and External Security Assessments, Advanced Footprinting, Red Team Exercise and Application Assessments.
ABOUT SECUREDATASecureData is a leading provider of cybersecurity services and solutions.
SecureData looks beyond point technologies to address cybersecurity as a whole. The company offers a comprehensive set of professional and managed security services across the entire attack continuum. For over 25 years SecureData has been helping organisations assess risks, detect threats, protect assets and respond to breaches quickly and effectively ensuring essential IT infrastructure always remains secure and available. SensePost, the consulting arm of SecureData includes some of the world’s most preeminent cybersecurity experts. Trusted by both corporate and military organisations across multiple countries, SensePost helps organisations to protect IT infrastructure and stay ahead of evolving cybersecurity threats. Operating across the UK, South Africa and the USA, SecureData has an enviable track record having delivered cybersecurity services for many business sectors including finance, insurance, retail, property, professional services, technology and government.
@SECUREDATAEUROPE @SECDATAEU WWW.SECDATA.COM
@SENSEPOST @SENSEPOST WWW.SENSEPOST.COM
ASSESS
Related Documents
![36 New Era of Web Security by Implementing of Penetration ...penetration testing, Black box, White box and grey box. [6] 1. Recorder – This check is administrated with zero data](https://static.cupdf.com/doc/110x72/6023535100029d297b3d5373/36-new-era-of-web-security-by-implementing-of-penetration-penetration-testing.jpg)