international business strategy
About Us Business Intelligence IT Security Military Shop Contact
Our Computer Services

» Computer Security
» Consulting
» Project Management
» Security Design
» Project Realization
» Vulnerability Assessments
» Penetration Tests
» On-Site Assessments
» Security Scans
» Disaster Recovery
» Content Management
» Security Policy
» Web server Analysis
» Managed Services
» Network Monitoring
» Application Development
» Secure VTC

» Security Compliance
» HIPAA
» Graham-Leach-Bliley
» Sarbanes-Oxley
» CISP / PCI
» Security Breach Act
» NIST-800
» ISO 17799/BS7799

» Data Center
» Offsite Backup
» Data Storage
» Web Hosting
» Hosting Resellers
» Dedicated Servers
» Redundancy Solutions
» SSL Certificates

» Staffing Services
» Technology

» Technology
» Products
» eShop

 
Information
» Documents
» Links
» Partners
» Purchase
» Purchase Options
» Technical Support
» Newsletter


business international risk strategy

 

Penetration Testing: Comprehensively Assessing Risk

        

   Overview

 

Penetration tests and vulnerability assessments are time-constrained and authorized attempts to breach and assess the architecture of a system using attacker techniques. This form of testing relates the most accurate and comprehensive view of an organization's information security stance, as it evaluates an entire system, exploiting vulnerabilities to determine precisely how an unauthorized user can get control of valuable information assets.

 

The form of such a test depends greatly on the client’s own situation. Tests can range from a brief overview of the security of an existing infrastructure, to an extensive simulated break-in, with the goal of obtaining specific information. Only a comprehensive penetration test or vulnerability assessment can determine the real risk to network resources, thereby making it possible to immediately prioritize corrective measures and to set the overall direction for an organization's security strategy.

A penetration and vulnerability assessment test can reveal:

  • if installed security system is inadequate and can be bypassed and whether  and how the system reacts to attack. This could help managers or IT persons in your company feel implicated.

  • Reveal which information can be obtained from outside of the network.

  • Put into test the security of an environment and qualify its resistance to a certain level of attack.

  • reveal whether it is possible to break into the system, using available or existing knowledge and which information becomes accessible, if the system is broken into

  • In addition to a security scan: a penetration test or vulnerability assessments can reveal security problems caused by some inconsistency between elements. Complex interactions are sometimes difficult to apprehend during an audit which focus on architecture, IP filtering, operating systems, web servers, and applications, one by one.

 

Security means finding a balance between the value of the protected information and the amount of time, energy and money that has to be expended to gain access to it in a break-in. Penetration tests and vulnerability assessments can reveal whether defensive systems work or need adaptation.

STEALTH – ISS Inc. carries out penetration tests and vulnerability assessments using freely available software, the knowledge of our senior security specialists and commercial software which is being used by institutions such as Department of Defense, NASA, Visa, Microsoft, Citigroup, KPMG, SUN and many more.

An extensive report is made of test results. This includes not only all the actions carried out, but also an inventory of the information obtained, as well as conclusions about the quality of the security of the system.

 

 

 

How We Offer it. We offer a straightforward, yet comprehensive approach to our Testing Services: 

 

Assess. We'll start off with a free phone consultation to assess your needs. We'll help walk you through a brief fact-finding requirement stage that gives us information on goals, objectives, budget, timeline, configuration, special needs or requests, etc. 

Plan. Once we have a solid understanding of your needs, network complexity, etc., we will develop a Project Plan Quote. We identify the strategy, timeline, and budget that is right for your security and penetration test needs.

Scanning and Penetration.  This is our favorite part, and the one we do best - finding all those vulnerabilities you thought you never had and that could bring down your business, expose sensitive data, etc. We use many different attacks and approaches that will stress your solution to the max using state-of-the-art tools and proven test methods. At any point of time during the testing when we find a major vulnerability that either we (or you) consider serious or that could present a block for testing, we'll report that back to you immediately. This gives you an opportunity to make modifications and respond to a severe security risk as quickly as possible .

 

Deliver.   After we’ve completed our penetration test or vulnerability assessment, analyzed it and found security holes, we'll present you with a final security report that provides detailed information about the work done, including a summary of all testing performed, full test results with how to reproduce every defect, and conclusions and recommendations for remediation.

 

Penetration Testing Procedures

Penetration Test

 

 

 
STEALTH - ISS Inc.




business risk
Affiliate Program
Purchase / Order

Home | Who We are | Business | Intelligence | Security | Military | Jobs | Contact | E-mail | E-SHOP
English | German | French | Spanish | Slovak
Copyright © 2000. STEALTH - ISS® Inc. All rights reserved. Terms of Use Privacy Policy