Security testing involves conducting tests via the Internet to simulate the view of your systems through the eyes of a potential attacker. It also includes attending your site and connecting to your internal network. The on-site approach allows Keyfort’s network analysts to view services and resources from behind the external perimeter to help identify internal vulnerabilities e.g. weak wireless security.
The Keyfort security testing process comprises:
- Scoping. Identifying the main risks and assessing the appropriate targets for security testing.
- Discovery. Gathering information about a network and its services.
- Vulnerability Scanning. Testing systems and services for known vulnerabilities.
- Target Penetraion. Vulnerabilities will be assessed but will not be actively exploited as systems may be compromised.
- Analysis. The results arising will be consolidated and assessed.
- Risk Assesment Report. An executive summary complete with recommended corrective actions will be produced. The detailed technical results from the vulnerability tests will be included as an appendix to this report.
The Keyfort security testing does not include:
Application tests used to identify and assess potential threats to software applications, including bespoke or proprietary software applications.
Social Engineering tests which rely heavily on human interaction and often involves tricking other people into breaking security procedures.
If you should require further information on Keyfort’s security testing please do not hesitate to contact us.
