What is a penetration test?
A pen test to evaluates the security of your IT infrastructure by safely trying to exploit vulnerabilities. These vulnerabilities may exist in operating systems, services and application flaws, improper configurations or risky end-user behavior. Such
assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-user adherence to security policies.
Not all penetration tests are the same
There are numerous companies out there that offer Penetration Testing Services. The vast majority of these companies will simply run a scan with predefined parameters against your network that generate a standardize generic report. This is the “cookie-cutter” approach to Pen-Testing.
At Solis Security, we use several methods, automated and manual, to perform penetration testing. Our qualified security consultants take a
hackers approach to penetration testing. No scanning mechanism is going to be able to follow the actions of a truly driven, capable hacker in real time. This approach allows us to make the innovative and illogical moves that humans make to find new vulnerabilities.
The Solis Security Penetration Testing Methodology.
Using a combination of industry-standard tools and procedures, we document and assess your network, looking for areas of vulnerability, bottlenecks, service gaps and other concerns about the network and its ability to support your business services and requirements.
Our External Penetration Test will follows a Limited Scope of the PTES (Pentest Execution Standard). We will target your company’s assets that are exposed to the Internet. The objective is to gain access and uncover vulnerabilities that pose an immediate risk to your businesses security posture. Our Foundation Test includes testing up to Five (5) External IP’s SSL Certificates Domain Name Servers (DNS).
Solis Security will deliver the following documents that demonstrate what testing was performed, what the results were and what actions need to be taken. These include:
- Preparation — Define and document assessment objectives, scope and rules of engagement.
- Intelligence Gathering — Collecting and examining key information about your infrastructure.
- Devices without Identity — Reconnaissance for Internet-of-Things (IoT) devices reporting externally.
- Reporting and Guidance— Providing a comprehensive report with deep analysis and recommendations on how to mitigate the discovered vulnerabilities.
- Vulnerability Analysis—Finding existing vulnerabilities, using both manual and automated techniques.
It is all about taking action
Every penetration test performed by Solis Security is accompanied by recommendations of what your company should do and when it should be done. This remediation prescription is a huge step in improving your company’s cybersecurity.
If your organization is ready to learn more about its vulnerabilities, let's get started!