Network Penetration Testing Services
?The changes you make to your network on a day-to-day basis can increase the risk of compromise to your critical information and systems. Changes such as providing intranet access to a strategic partner, deploying new applications and implementing new technology can go undiscovered, introducing unacceptable levels of business risk into your environment. IDP can help!
IDP's penetration testing services can give you a quick and detailed analysis of your current external (and internal) exposure to breaches that threaten critical information and assets. This is an essential first step for governments and businesses worldwide in determining the necessary next steps for maintaining the security levels mandated by common standards such as ISO 17799/BS 7799, Sarbanes-Oxley, HIPAA and the Payment Card Industry Data Security Standard.
o Find out exactly what potential security vulnerabilities are present on your network perimeter.
o Get practical and relevant technical information on how these vulnerabilities can be remediated.
By analyzing your network, IDP can provide an accurate evaluation of the vulnerabilities on your Internet facing hosts, as well as hosts on your internal network. IDP will test your systems to determine if vulnerabilities are present and what the likelihood is your systems will be attacked by known exploits, automated malcode threats or malicious Internet users.
IDP will verify which systems on your network are active and what services are running. Our security analysts will identify potential security vulnerabilities and provide relevant technical information on how these vulnerabilities can be remediated. Vulnerabilities will be rated by severity to help you quickly identifying the level of security threat these vulnerabilities pose and then priorities the issues for mitigation.
As part of your penetration testing service, IDP will:
The penetration test will include both manual and automated tests including:
Website Penetration Testing Services
As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.
Website security is possibly today's most overlooked aspect of securing the enterprise and should be a priority in any organization. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to backend data such as customer databases. Firewalls, SSL and locked-down servers are futile against web application hacking
Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications are often tailor-made therefore tested less than off-the-shelf software and are more likely to have undiscovered vulnerabilities. IDP will evaluate and analyze your web applications for SQL Injection, XSS & other web vulnerabilities.
IDP's penetration and assessment services include:
Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.
Social engineers rely on the fact that people are not aware of the value of the information they possess and are careless about protecting it.
Social engineering is a component of many, if not most, types of exploits.
IDP performs simulated social engineering exercises and advises clients and their staff on how to recognize and thwart social engineering attacks?.
IDP, LLC / www.idpnow.net © 2014