Do hackers know more about your network than you do?
A Penetration Test is a detailed analysis of your network and associated systems from the perspective of a potential hacker. A penetration test will test your network for thousands of known exploits and vulnerabilities and provide a detailed report of any problems that are found. Penetration tests are conducted remotely over the Internet and do not require physical access to your premises nor do they require access to any confidential information such as usernames or passwords. BNS can do testing as a full knowledge test, where the client picks the time and date of the test - or as a zero knowledge test where our security team picks the time and date with no notification to the client. Zero knowledge is best for testing your IDS systems and incident response teams.
Internal security audits are done from behind the firewall, and can scan private IP devices for problems. Internal scans can detect patch application problems, misconfigured devices and even default passwords that were accidentally left enabled. BNS can test password strength and can even test custom built software packages for security vulnerabilities.
Full security audits will look over the Policies and Procedures of your organization. It will include internal and external testing, physical inspection of the premises, storage of critical data and much more. We can help write P&P directives if none exist for your company.
BNS can also customize its services with any combination of tests, inspections and recommendations. This helps to keep costs down, while providing a high level of security for your company.
Business Network Solutions is an Authorized Reseller of eEye® Digital Security products, and can offer discounts on any software available. BNS uses Retina® and Nessus, plus Custom software for all testing services. Using this award winning software provides the highest level of quality to our clients - something most other penetration testing services cannot offer.
Because every organization is different, our Penetration Testing service can be customized to meet your needs. Our security consultants will work with you to properly estimate the size and scope of your test. The one-time Penetration Test service provides a single test, while a subscription provides a repeated periodic test of your company’s network and associated systems. Penetration testing can be performed as a full-knowledge test or a zero-knowledge test.
The testing process initially gathers available information or intelligence about your company’s network to find details that could prove useful to a potential attacker. Your network is then actively probed (also known as scanning, mapping or penetration testing) looking for security weaknesses that could be exploited. When performing Penetration Testing, BNS will not place or alter any files on any systems. Our tests are designed to limit bandwidth usage so that system resources are not drained during the test.
Our tests will include testing for:
Once the tests are completed, the results are compiled into a report. This report contains both a management level overview of any issues and also technical level details of the test results including full details of each security issue uncovered. Full technical details of how to fix each security leaks is included in the report. In addition to any security issues, the report also lists any non-optimal configurations that were found during the tests.
A Penetration Test sample report is available to be viewed here.
Copyright © 2001-04 Business Network Solutions. All rights reserved.