fbpx

Penetration Testing

Home » Services » Security Consulting » Penetration Testing

At Intrinium, we believe a first step to review your network vulnerabilities is a Penetration Test. We offer both internal and external penetration tests which are simulated cyber attacks against your entire network/website/domains to check for exploitable vulnerabilities and potential security risks. For the convenience of our clients, we execute tests either remotely from our headquarters or on-site at your company with one of our trusted consultants. These tests are performed with the intention of being the first phase within a holistic process of vulnerability analysis, prioritization, remediation, and maintenance that is our core commitment to securing your environment.

External Penetration Testing

This test reviews the network environment and the strength of the perimeter defenses against an external vulnerability, as well as the security of websites and external applications. Our threat model utilizes thousands of attacks that are used by opportunistic hackers used to compromise organizations every day.

These attacks include:

  • Searching for publicly available domain registration for useful information
  • Port scanning of network resources
  • Identification of systems and services accessible over the Internet
  • Brute force attempts with weak or default passwords
  • Comprehensive Vulnerability Scanning identifying over 100,000 of the top vulnerabilities
  • Manual exploitation of identified vulnerabilities in external applications
  • Elimination and confirmation of false positives

Internal Penetration Testing

This test will emulate the action of a malicious actor on the internal network. Our penetration testing goes beyond a simple vulnerability assessment by performing manual attacks such as man-in-the-middle attacks. Our threat model utilizes thousands of attacks that are used by opportunistic hackers used to compromise organizations every day.

These attacks include:

  • Port scanning of network resources
  • Identification of systems and services accessible over the Internet or through VPNs
  • Brute force attempts with weak or default passwords
  • Man-in-the-Middle Attacks
  • Comprehensive Vulnerability Scanning identifying over 100,000 of the top vulnerabilities
  • Manual exploitation of identified vulnerabilities in applications
  • Establishing persistence and enumerating the reach of a potential attacker

At the conclusion of any Intrinium Penetration Test, our success will be reflected against project deliverables and validation that meets the following success criteria:

  • Completion of external vulnerability and network penetration testing module
  • Documentation of detailed test findings and remediation recommendations
  • Completion of executive summary testing report
  • Completion of firewall assessment
  • Documentation of firewall assessment findings and remediation recommendations

We are here to help, contact us today.

Gap Analysis 101

f you have spent any time around information technology or people who work in information security, you have probably heard terms like “risk assessment”, “audit”, and “gap analysis”. Sometimes they are used almost interchangeably. However, each has a specific objective to help stakeholders understand their data environment.

While an audit is used to identify control effectiveness and a risk assessment can identify what controls can be implemented to reduce risk, the gap analysis is designed to do exactly what it states – to identify gaps between the current environment and the organization’s required or desired state. This may be a specific regulatory compliance objective, such as how the organization meets the requirements of the HIPAA Security and Privacy Rules or PCI-DSS. In many cases, an organization may want to be able to claim that they are compliant with an information security standard, such as ISO27001. In other instances, the organization may have developed a roadmap for where they plan to be in the future, and want to identify the current progress and next steps. A gap analysis can provide essential feedback for all three examples.

BSides Portland 2019 Recap

At Intrinium, we strive to offer as many opportunities as possible to further education, encourage team collaboration, and networking across our industry. Last weekend, our Managed Security Services team headed to the Portland Convention Center for BSides Portland...

BSides Sacramento: The Recap

  This past weekend, Partner and Advisory CISO, Stephen Heath attended the inaugural BSides event in Sacramento, California. BSides is a national Information Security conference that takes place throughout the nation, it is 100% volunteer organized to continue to...

Cryptocurrency Security 101

By Turner Lehmbecker – Information Security Researcher – Intrinium Introduction With the increasing popularity and value in Bitcoin and other cryptocurrencies like it, many people have become interested in exploring the use of cryptocurrency as potential investments...

Pin It on Pinterest