All businesses, large and small, face the growing challenge of Information Security within the organization. As an SMB, we know you want to protect your clients’ data and meet compliance requirements without allocating a substantive part of your budget or deploying complex solutions tailored to a larger enterprise. At Intrinium, we believe a great first step to review your network vulnerabilities is an External Penetration Test. This test is an integral piece of one of our core products, Assurance.
The External Penetration Test reviews the network environment and the strength of the perimeter defenses against an external vulnerability. Our threat model utilizes thousands of attacks that are used by opportunistic hackers used to compromise organizations every day. These attacks include:
- Searching for publicly available domain registration for useful information
- Port scanning of network resources
- Identification of systems and services accessible over the Internet
- Brute force attempts with weak or default passwords
- Comprehensive Vulnerability Scanning identifying over 100,000 of the top vulnerabilities
- Manual exploitation of identified vulnerabilities in applications
- Elimination and confirmation of false positives
What will an External Penetration Test discover?
- Weakness in the infrastructure (hardware), application (software) and users in order to develop controls.
- Ensure controls that are implemented are effective.
- Test applications that often used as avenues for attack.
- Discover vulnerabilities in pre-existing software.
What questions will an External Penetration Test help your organization answer?
- Is my business at risk from malware and ransomware attacks?
- Am I vulnerable to common network attacks can that lead to loss or customer data?
- Am I making the right investments to protect my data?
Why is an External Penetration Test important?
The Internet is a necessity for conducting daily operations for most organizations. It is important to look at all information available about an organization from the Internet to ensure private data stays private, through the implemented precautions, firewalls, VPNs, etc. Simulating an external hacker, the tests are conducted using techniques observed in the wild to best represent your risk from opportunistic attackers.