Penetration Testing - Pen Testing

The Issue:

If technology is critical to your business, then so is security. Hackers today are growing in sophistication and causing real damage to organizations. Several recent high profile data thefts are unfortunately just the tip of the iceberg. Many organizations have yet to fully embrace the need for a rigorous and ongoing security countermeasure program.

Preventing security breaches is a bit of a cat-and-mouse game. As defenses are improved, the tactics and exploits used to gain access to sensitive information shift to new vectors. To stay on top of the threats, it is critical that organizations keep up a constant security countermeasure program that includes penetration testing, also commonly known as "pen testing."

The Solution:

ETS provides a customizable penetration testing that, depending on your needs and focus area, identifies potential vectors of attack that a hacker might try to exploit when trying to access secure data. Our Certified Ethical Hackers conduct penetration testing that can identify higher-risk vulnerabilities that usually are the result of a combination of lower-risk vulnerabilities, exploited in a particular sequence. While locking down various entry points is important, one of the main goals of penetration testing is to test the ability of defensive systems to detect and respond to threats. ETS has provided penetration testing services to many clients in the Chicago area and beyond.

Our Consulting Methodology starts with listening, so contact an ETS Trusted Advisor now to discuss your situation and how we can help with your pen test needs. As part of our discussion, we will work to better understand your requirements, offer suggestions, and help you understand pricing and costs associated with a one-time or comprehensive approach to your IT Security needs. Along with penetration testing, a comprehensive or focused IT Security Assessment is also recommended. 

Types of Penetration Tests:

There is a nearly infinite number of ways, or threat vectors as they are commonly known, for a hacker to infiltrate a network. Therefore, there are many different types of penetration tests that may apply to your environment. At ETS, we work with you to understand which systems and what data, specifically, an attacker may be trying to acquire. From there, we can tailor our ethical hacking efforts to best fit your needs. Since just about anything can be hacked, here are a few examples of attack vectors we can target:

  1. External Network Services Pen Test will help you understand your public facing network egress point vulnerabilities. It is one of the most common type of penetration tests; however, usually the best protected, as threat vectors have evolved in complexity over the years.
  2. Web Application Pen Test will help assess the security of outward facing web platforms and exploitable code associated with their databases and middleware components. 
  3. Client Side Pen Test can help you understand threat vectors associated with the operating system and applications running on target client workstations. This can be geared towards the operating system itself, browser, and supporting software such as Adobe Flash, Oracle Java, various Microsoft Office products, or business specific software packages.
  4. Wireless or WiFi Pen Test will help you understand the initial security settings and restrictions associated with wireless access. Basically we target your wi-fi network to validate security configurations. This can include both private and guest configurations. Guest networks are important to test because they are often comingled with corporate networks. Hackers can use one level of access to launch attacks against more sensitive network systems. 
  5. Internal Network Pen Test will focus on internal boundries between systems and help you to mitigate access and damage if a hacker does compromise a less secure part of your network while trying to gain access to a more secure network or data set.
  6. Social Engineering Pen Test will test the training level of users. Social Engineering methods will reveal the ease of which corporate users will hand over passwords or other types of sensitive information. These tests can be conducted remotely with simulated Phishing attacks and/or include an assessment of physical security controls and alertness of onsite staff. Remember that Security Awareness Training is a key component to a comprehensive IT Security approach.

Ultimately, the best defense is comprised of having a variety of controls and procedures in place to regularly patch, educate, and constantly monitor for abnormal activity.

 

Why Choose ETS?

ETS is a Chicago area based company that provides IT Security and Penetration Testing services to clients. ETS will help your organization evaluate needs and implement a customized pen testing solution that fits your goals and objectives.

Here are a few more reasons you should choose ETS:

  • Focus on Innovative Solutions
  • Work with the Best & Brightest
  • Get the Competitive Edge
  • Drive Results & Growth
  • Reduce Costs
  • Enable People through Technology
  • Streamline & Manage

 TECHNOLOGIES & PARTNERS

  ETS focuses on the best solution for you and your organization. Therefore we are familiar with a variety of  technologies from some of today’s biggest and most innovative technology firms. Take a look here.