| |
|
|
|
SECURITY - Penetration Testing
Penetration Testing
This service is primarily designed for organizations wishing to validate the effectiveness of their security defenses. The most basic penetration test is an examination of your Internet presence, probing for visible systems, switches, routers, etc., and then employing known techniques for breaching security on the devices. Once attacks are successful, we will attempt deeper levels of penetration based on previously hidden or protected portions of the network. Since active attacks are being used, your intrusion detection systems should detect these tests, providing you a method for evaluating the effectiveness of your IDS monitoring and alerting as well. If the penetration tests are successful, they will provide valuable insight into your security weaknesses. If unsuccessful, you can be commended and should sleep a little easier.
A more involved penetration test will include all known methods for gaining unauthorized access to your environment. This includes insecure modems, unprotected extranet connections, Internet vulnerabilities, social engineering, insecure remote access methods, and other techniques specific to your environment
While a one-time snapshot of your enterprise security is extremely useful, OOI believes that penetration testing should be included as a basic element in your overall security plans, something that is performed frequently and with some degree of automation, and almost never on an announced basis. Whichever approach you choose, OOI has the system and network-level expertise to carry out a highly effective attack one you can count on to uncover your risks.
|
|
