Infrastructure (Network) Penetration Test

Description

IT Governance’s network penetration test aims to identify vulnerabilities that could be used to breach your network. An assessed system will be reviewed for vulnerabilities (including those detailed within the Open Source Security Testing Methodology Manual (OSSTMM)) to identify any weaknesses that could allow an attacker to compromise the network, the data stored on it, or the devices hosted on it.

Once identified, the vulnerabilities are presented in a format that allows an organization to assess their relative business risk and the cost of remediation.

Your challenge

Infrastructure-related vulnerabilities tend to arise from poor hardware configuration, poor system configuration parameters and poor security system controls. 

Exploiting a vulnerability allows an attacker to gain control in a privileged state enabling access to resources on the network.

Benefits

Our penetration tests will help you:

• Gain real-world insight into your vulnerabilities
  
• Identify any patches that need to be installed
  
• Reconfigure software, firewalls and operating systems
  
• Identify needs for encryption or more secure protocols

Our service offering

• A review of the testing environment to assess your network and identify information that would be useful to a hacker.
  
• A range of manual tests using a methodology closely aligned with the Open Source Security Testing Methodology (OSSTM).
  
• A series of automated vulnerability scans.
  
• Immediate notification of any critical vulnerabilities to help you take action quickly.
  
• A detailed report that identifies and explains the vulnerabilities (ranked in order of significance).
  
• A list of recommended countermeasures to address any identified vulnerabilities.
  
• An executive summary that explains what the risks mean in business terms.

Delivered as a remote service

IT Governance routinely provides this service remotely to organizations located outside of the United Kingdom. We can also offer an on-site service, but consultant expenses related to traveling, etc. will need to be absorbed as an additional cost.

Why choose us?

• Penetration tests should only be carried out by experienced consultants with the necessary technical skill set and qualifications. Our consultants have strong technical knowledge and a proven track record in finding security vulnerabilities and can carry out exploits in a safe manner and advise on appropriate mitigation measures to ensure that your systems are secure.
• Our CREST (Certified Register of Ethical Security Testers) certified penetration testing team will provide you with clarity, technical expertise and peace of mind knowing that your external network has been reviewed by experienced testers in line with your business requirements.
  

Conditions

• The price is applicable for 20 externally facing IP addresses.
  
• Consultant expenses related to travelling, etc. are not included in the price.
  
• On-site presentation of report findings and remedial consultations can be provided upon request at an additional cost.
  
• Discounts for multiple tests only apply when a two- or three-year contract is agreed at the purchase of the first test; discounts cannot be backdated. Each penetration test will be invoiced annually (in the year of the test). An invoice will be issued 28 days before the planned test.