STEALTH-ISS LLC
Technology  Security  Encryption  Defense
about us it security intelligence military contact us careers

Computer Services

Computer Solutions

   Consulting

   Project management

   Security Design

   Project Realization

   Vulnerability Assessment

   Penetration Tests

   On-Site Assessments

   Security Scans

   Disaster Recovery

   Content Management

   Security Policy

   Web server Analysis

   Managed Services

   Network Monitoring

   Application Development

   Secure VTC

 

Security Compliance

   HIPAA

   Graham-Leach-Bliley

   Sarbanes-Oxley

   CISP / PCI

   Security Breach Act

   NIST-800

   ISO 17799/BS7799

 

Data Center

   Offsite Backups

   Redundancy solutions

   Data Storage

   Dedicated Servers

   SSL Certificates

 

Staffing Services

   Technology

 

Technology

   Products

 

Information

   Documents

   Latest Security News

   Links

   Partners

   Purchase Options

   Technical Support

 

Penetration Testing: Comprehensively Assessing Risk 

 

Overview

 

Penetration tests and vulnerability assessments are time-constrained and authorized attempts to breach and assess the architecture of a system using attacker techniques. This form of testing relates the most accurate and comprehensive view of an organization's information security stance, as it evaluates an entire system, exploiting vulnerabilities to determine precisely how an unauthorized user can get control of valuable information assets.

 

The form of such a test depends greatly on the client’s own situation. Tests can range from a brief overview of the security of an existing infrastructure, to an extensive simulated break-in, with the goal of obtaining specific information. Only a comprehensive penetration test or vulnerability assessment can determine the real risk to network resources, thereby making it possible to immediately prioritize corrective measures and to set the overall direction for an organization's security strategy.

A penetration and vulnerability assessment test can reveal:

  • if installed security system is inadequate and can be bypassed and whether  and how the system reacts to attack. This could help managers or IT persons in your company feel implicated.

  • Reveal which information can be obtained from outside of the network.

  • Put into test the security of an environment and qualify its resistance to a certain level of attack.

  • reveal whether it is possible to break into the system, using available or existing knowledge and which information becomes accessible, if the system is broken into

  • In addition to a security scan: a penetration test or vulnerability assessments can reveal security problems caused by some inconsistency between elements. Complex interactions are sometimes difficult to apprehend during an audit which focus on architecture, IP filtering, operating systems, web servers, and applications, one by one.

 

Security means finding a balance between the value of the protected information and the amount of time, energy and money that has to be expended to gain access to it in a break-in. Penetration tests and vulnerability assessments can reveal whether defensive systems work or need adaptation.

Stealth – ISS carries out penetration tests and vulnerability assessments using freely available software, the knowledge of our senior security specialists and commercial software which is being used by institutions such as Department of Defense, NASA, Visa, Microsoft, Citigroup, KPMG, SUN and many more.

An extensive report is made of test results. This includes not only all the actions carried out, but also an inventory of the information obtained, as well as conclusions about the quality of the security of the system.

 

 

How We Offer it. We offer a straightforward, yet comprehensive approach to our Testing Services: 

 

Assess. We'll start off with a free phone consultation to assess your needs. We'll help walk you through a brief fact-finding requirement stage that gives us information on goals, objectives, budget, timeline, configuration, special needs or requests, etc. 

Plan. Once we have a solid understanding of your needs, network complexity, etc., we will develop a Project Plan Quote. We identify the strategy, timeline, and budget that is right for your security and penetration test needs.

Scanning and Penetration.  This is our favorite part, and the one we do best - finding all those vulnerabilities you thought you never had and that could bring down your business, expose sensitive data, etc. We use many different attacks and approaches that will stress your solution to the max using state-of-the-art tools and proven test methods. At any point of time during the testing when we find a major vulnerability that either we (or you) consider serious or that could present a block for testing, we'll report that back to you immediately. This gives you an opportunity to make modifications and respond to a severe security risk as quickly as possible .

 

Deliver.   After we’ve completed our penetration test or vulnerability assessment, analyzed it and found security holes, we'll present you with a final security report that provides detailed information about the work done, including a summary of all testing performed, full test results with how to reproduce every defect, and conclusions and recommendations for remediation.

 

Penetration Testing Procedures

Penetration Test
 

  
 

Home | Who We are | Intelligence | Security | Military | Careers | Contact
English | German | French | Spanish
Copyright © 2005. STEALTH - ISS® LLC. All rights reserved. Terms of Use Privacy Policy