Network Security Audit / Penetration Testing
Malicious actors are constantly utilizing new attacks to compromise the security of your networks. In order to appropriately manage the risk of breach, you must have a firm understanding of your current security posture. The best way to acquire this understanding is to have experts employ the same tactics used by real attackers to try and infiltrate your networks. At 504ENSICS, our trained security analysts leverage cutting edge techniques to attempt to compromise network assets using our comprehensive testing methodology. Once we have discovered the avenues that attackers can use to gain unauthorized access, we work with you to plug the holes and then re-test to make sure the remediation steps taken were effective.
- Internal and external network testing
- Determine number and type of live network assets in specified scope
- Determine OS and service versions, patch levels, and security configuration of network assets
- Discover vulnerabilities present on hosts
- Exploit vulnerabilities (for penetration testing)
- Social engineering engagements
- Network attacks based on spoofed websites and phishing emails
- Physical attacks based on rogue access points and dropped USB and CD media
- Phone call attacks with spoofed numbers and identities
- Default client configuration assessments
- Test effectiveness of AV, HIDS/HIPS, DLP
- Determine default network access given to employees
- Test basic security configuration including patching, password policy, account privileges
- Suggest techniques for remediation
- Remediation verification