Vulnerability Assessment & Pen Testing

External Vulnerability Assessment
During the External Vulnerability Assessment, our consultants will scan any internet facing devices managed by your institution for potential security vulnerabilities that might be used to penetrate your information systems. We will also scan the institution’s website for potential security vulnerabilities that may be used by attackers to deface the website or insert code to perform malicious activities. In addition, we will look for publicly accessible information about the institution that may be helpful to an attacker that is gathering information in preparation for a targeted attack.

Internal Network Vulnerability Assessment 
During the Internal Network Vulnerability Assessment, our consultants will scan all devices on the institution’s internal network for potential security vulnerabilities that might be used to penetrate your information systems. In addition to the vulnerability scan, we will also perform tests to identify the existence of default credentials on network devices. The results of our assessment will include details about the identified vulnerabilities and recommendations for remediation.

During this assessment, we can perform either an uncredentialed scan or a credentialed scan. An uncredentialed scan assesses the vulnerabilities that can be detected without network credentials. The uncredentialed scan identifies the vulnerabilities that an attacker may find if a rogue wireless device or laptop is connected to your internal network without any known network credentials. A credentialed scan assesses the vulnerabilities that can be detected by a user that can log onto the network. The credentialed scan is more comprehensive than an uncredentialed scan and requires the provision of an administrator-level network account for our consultant.

External Network Penetration Test
The External Network Penetration Test is designed to identify weaknesses in the institution’s security controls that may allow an attacker to access sensitive information or perform malicious activities using the institution’s information systems. This engagement is performed as a white box test, meaning that the institution will provide a list of the public IP addresses that will be included within the scope of the engagement. This engagement provides a more comprehensive assessment of technical weaknesses than an automated external vulnerability scan alone, which has inherent limitations and may produce false positives.