|
Solutions Overview. Modern networks are often very dynamic and undergo changes and upgrades on a regular basis. To address this issue, PacketFocus offers modular services in three main categories. Ethical Hacking, Risk Assessment Services, and Technology Audits. Each service module is self-contained and may be combined with other test types as needed. This service flexibility ensures our clients needs are met on time, and above expectation.
Ethical Hacking
PacketFocus specializes in remote security testing services. Our Ethical Hacking / Penetration Tests are based on real-world attacks, in a controlled environment, driven by a signed scope of work. The tests are designed to identify technology flaws that may allow an attacker to access sensitive assets.
Risk Assessment
This assessment service is an in-depth look at your current risk, threat, and controls. The first step is to understand what assets you have. This is critical as we will need to understand what you need to protect before applying the appropriate controls. Next, we will identify current security controls and test their implementation percentage. The last stage of the assessment is to perform the analysis on all of the collected data. When complete, this will provide an in-depth view of Security Control ROI, Current threats, Risk Levels, and average loss expectancy. This information will be more than enough to drive any security programs objectives. Add compliance tests below to identify current compliance levels.
Compliance Assessment
This assessment is essentially the RIsk Assessment above, but includes Compliance testing. Only a few companies today are exempt from mandated regulatory testing. The most common compliance assessments we perform are Sarbanes-Oxley (SoX), GLBA, NIST, and ISOXXXX tests. After completion, our clients are armed with compliance reporting documents that may be given to auditors.
Technology Audits
Modern networks are introduced to new technology yearly. A few examples of this are wireless, bluetooth, RFID, Infrared, and VOIP. Most of these new technologies allow the transmittal of data or other commands into the network. Our Technology Assessments will provide an in-depth view to each technology implemented in your network. Our engineers will spend time to document the technology, how it works, and what it it designed to do. Once we fully understand design we will then initiate the hands-on testing and verification process. This identifies compliance with security best-practices and also identifies vulnerabilities within the environment. At the end of the engagement, a report will be generated to present research, findings, and recommendations.
Social Engineering
The Human Aspect of security is often overlooked, although it is usually one of the weakest links in modern security programs. Our Social Engineering attacks are designed to identify weakness in your Security Awareness program through actual testing. Most often, one of our testers will visit your location in attempt to gain access to your assets.
|
Attacks Explained!.
Visit our Attack Scenario page to find in-depth information on current attacks.
read more |
|
Our tools are used worldwide, Security testers around the world use the LiveCD we developed for OWASP.
read more
|
|
|
|
|
