It’s Time to Assess your Penetration Testing & Vulnerability Scanning Needs

Identify Security Breaches Before They Happen

Is Your Network Secure?

Can a hacker access your data?

Publicly exposing an insecure network often results in a catastrophic breach of client trust. It could take months or years to earn back trust from customers. The only way to know if your network adequately protects data is to put it through a series of rigorous targeted tests. SystemExperts specializes in identifying vulnerabilities and providing concrete and practical measures to remedy any defects found.

Common Vulnerabilities We Look For

  • Unrestricted access to database servers
  • Unanticipated third-party system activity
  • Services with well-known vulnerabilities
  • Default web server configurations and directories
  • Windows default configuration
  • Sensitive information passed in clear text
  • Administrative interfaces that are not secured
  • Default SNMP configuration
  • Well-known default usernames and passwords on network level devices

SystemExperts Testing Methodology

When performing tests, we include elements from several established testing models including:

  • National Institute of Standards and Technology Special Publication 800-42 “Guide on Network Security Testing”
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • Payment Card Industry Data Security Standard (PCI/DSS)
  • Open Web Application Security Project (OWASP Security Testing Guide)

Getting Started is Easy

    1. Scope the project and schedule a start date
    2. Kick off the project with a Conference Call
    3. Enumerate with a Network Discovery & IP Services Inventory
    4. Perform the Vulnerability Assessment and provide the report
    5. Review the report with your team
    6. Provide the Testing Certification Letter

External Vulnerability Assessment

Also known as Internet Exposure Profile (IEP), Red Team Attack, or White Hat Penetration Testing.

This aspect of pen testing focuses on vulnerabilities related to TCP/IP protocols and services. We specifically look for problems in your DMZ or firewall setup, the configuration of your systems, and unauthorized access to resources in your environment. SystemExperts performs an inventory scan on each IP address looking for open ports, protocols, or services. After creating an inventory list, we attempt to uncover and identify vulnerabilities that leave you susceptible to exploits by a malicious user.

Internal Vulnerability Assessment

The Internal Vulnerability Assessment (IVA) is like the External Vulnerability Assessment (or IEP, as we call it), except that the testing is performed against your internal network. We focus on vulnerabilities related to TCP/IP protocols and services.

The process involves inventory scans performed on each of the IP addresses looking for open ports and protocols. After creating the inventory list, we attempt to uncover and identify vulnerabilities.

IP Services Inventory

Larger organizations often lose track of the IP-based services they have on their network. Periodic scanning of your address space enables you to better manage your exposure by highlighting services that create unnecessary security vulnerabilities.

As part of our penetration testing services, SystemExperts scans your IP address space for IP-based services. For each IP address scanned, we look for services available on all TCP and well-known UDP ports. We categorize each service as open (reachable) or closed (unreachable). Once testing is complete, you receive a table containing the IP Services Inventory.

You may choose to remove any unexpected/unnecessary services we find during the scan. After adjusting your list, you can provide us with a re-scan list. We then rescan the IP addresses on the list and update the IP Services Inventory table to reflect changes.

Firewall Review

Firewall rules tend to grow gradually in layers. Changes to the rules are made to support the evolving needs of the business and by nature accumulate over time. The result of this process is too often:

  • The rule set grows too large to be readily understood
  • Later rules contradict the earlier rules
  • A particular business need that required a specific opening in the firewall no longer exists, but the opening remains as a historical artifact

We work with you to document how the firewall should function and review the configuration to determine if it is consistent with the expected behavior.
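To make the second and third problems above concrete, here is an added example (not SystemExperts' tooling) that checks a first-match rule list for later rules that an earlier rule fully covers, and for allow rules with no documented business need. The `Rule` fields, the rule names, the addresses and the `DOCUMENTED` set are all constructed for illustration, and the sketch assumes IPv4 and top-down first-match evaluation.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    action: str    # "allow" or "deny"
    proto: str     # "tcp", "udp" or "any"
    src: str       # source CIDR (IPv4 only in this sketch)
    dst: str       # destination CIDR
    ports: tuple   # inclusive (low, high) destination port range

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    net = ipaddress.ip_network
    return (earlier.proto in ("any", later.proto)
            and net(later.src).subnet_of(net(earlier.src))
            and net(later.dst).subnet_of(net(earlier.dst))
            and earlier.ports[0] <= later.ports[0]
            and later.ports[1] <= earlier.ports[1])

def review(rules):
    """Find rules that can never fire because an earlier rule matches first."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "contradicted"
                findings.append((later.name, earlier.name, kind))
                break
    return findings

def undocumented_allows(rules, documented):
    """Allow rules with no entry in the documented list of business needs."""
    return [r.name for r in rules if r.action == "allow" and r.name not in documented]

# Constructed rule set (documentation address ranges), evaluated top-down.
RULES = [
    Rule("R1", "allow", "tcp", "0.0.0.0/0", "203.0.113.10/32", (443, 443)),
    Rule("R2", "deny", "tcp", "198.51.100.0/24", "203.0.113.10/32", (443, 443)),
    Rule("R3", "allow", "tcp", "10.0.0.0/8", "10.20.0.5/32", (1433, 1433)),
    Rule("R4", "allow", "tcp", "10.1.0.0/16", "10.20.0.5/32", (1433, 1433)),
    Rule("R5", "allow", "tcp", "0.0.0.0/0", "203.0.113.20/32", (8080, 8080)),
    Rule("R6", "deny", "any", "0.0.0.0/0", "0.0.0.0/0", (0, 65535)),
]
DOCUMENTED = {"R1", "R3", "R4"}  # hypothetical: rules tied to a current business need

if __name__ == "__main__":
    for later, earlier, kind in review(RULES):
        print(f"{later}: {kind}, shadowed by {earlier}")
    print("allow rules without a documented need:", undocumented_allows(RULES, DOCUMENTED))
```

The check only finds a rule hidden by one earlier rule; a rule covered by the combination of several earlier rules needs a full packet-space comparison.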

SystemExperts has been in business since 1994, helping clients see the big picture and design solutions to meet their comprehensive security needs. We over-deliver and provide unmatched personal attention, distilling problems to their root causes and recommending what’s appropriate for you.