
Penetration Testing

 


 

What is Penetration Testing?

 

Penetration testing is a controlled and managed simulation of an actual system intrusion. It gives you a realistic experience of an attempted break-in into your information system. During a penetration test, your security mechanisms as well as your intrusion detection and response capabilities are put to the test against a skilled, motivated attacker - only this time you have complete insight into the attacker's thoughts and actions. This is a unique opportunity to get to know your enemy, without the damage you would sustain in a real attack.

 

We at Tranchulas provide the following penetration testing services:

 

  • External or Remote Network Penetration Testing

  • Onsite or Internal Network Penetration Testing

  • Web Application Security Assessment and Penetration Testing

 

The Tranchulas team will target a point of entry via the “weakest link” in your network or application infrastructure, which may be visible to employees and partners in addition to external hackers. We then determine the business impact of gaining access to your network and its resources. For each engagement, we work with you to define the attack profiles most appropriate for your organization.

External or Remote Network Penetration Testing

This test mainly focuses on publicly available network resources that expose you to a network compromise. The penetration test may be performed with no or full discovery of the environment in question. Our testing includes a detailed analysis of routers, firewalls, email servers and web applications. The engagement starts with publicly accessible information about the client, followed by network enumeration.

Network enumeration allows us to identify target hosts and select specific network security attacks. We then assess the open ports, services and specific security vulnerabilities, and use that information to gain a foothold in the environment. After a foothold is established, escalation of privilege occurs until the external environment is controlled.

Onsite or Internal Network Penetration Testing

 

Internal on-site penetration testing gives the business the assurance it needs to perform tasks safely on the internet. Internal assessments use a similar methodology to an external assessment; however, the engagement takes place from within the WAN, at each logical management zone or physical segment, or simply attached to the DMZ.

 

Attaching to an internal network requires a significant depth of knowledge in many areas. These areas include, but are not limited to, Policy, Architecture, Implementation and Auditing across multiple business units, operating systems and devices. We at Tranchulas have all of these skill sets.

 

Our typical onsite or internal network penetration test includes internal network port and vulnerability scans, onsite visits, a review of your network architecture against industry best practices, and an on-site meeting to discuss the findings and answer any questions you may have. The security consultant may spend up to 2 or 3 days onsite evaluating current policies, procedures, the state of physical and network security, and conducting interviews. Each audit is tailored to the customer. The Tranchulas team will work in your organization with the same rights as one of your users and try to gain access to systems that should not be available at that user's level of privileges. This test helps to establish how effectively your organization's security access controls are deployed.

Web Application Security Assessment and Penetration Testing

A web application security assessment allows us to analyze the critical components of a Web-based portal, e-commerce application, or Web platform.

 

Using manual techniques and hundreds of appropriate tools, the assessment pinpoints specific vulnerabilities and identifies underlying problems. The analysis integrates detailed vulnerability and countermeasure information for:

  • authentication

  • authorization

  • session management

  • data integrity

  • data confidentiality

  • privacy concerns

 

Tranchulas provides comprehensive reviews for:

  • Fundamental Design Security

  • HTML Source Management

  • General Input Validation

  • SQL Injection

  • Cross Site Scripting

  • Token Analysis (Cookies, Custom Session IDs, etc.)

  • Session Security (Authentication and Authorization)

The most common application-layer vulnerabilities are:

  • Cross-site scripting: 80%

  • SQL injection: 62%

  • URL manipulation: 60%

  • Cookie poisoning: 37%

  • Database server: 33%

  • Web server: 23%

  • Buffer overflow: 19%

 

 

Benefits of Tranchulas IS Assessment

  • Provides a clear picture of current information security risks

  • Identifies the potential impact of vulnerabilities on your network infrastructure

  • Raises internal awareness of information security risks

  • Helps identify the gaps in organizational security controls, policies and processes

  • Provides a specific, actionable plan to improve overall security posture based on your business needs

  • Enables you to effectively address security issues before they are exploited

  • Helps to meet regulatory compliance requirements

Deliverables


At the completion of the penetration testing, we provide the client with a final report which includes detailed results of the testing performed and documentation on remediation of the security flaws found.

 

We DON'T deliver output from automated security vulnerability assessment tools.


 
Contact Us


For more information regarding our services and pricing, please request a call back and a member of our security assessment team will contact you.

 

 


Copyright © Tranchulas. All rights reserved