Case Study: Network Penetration Test Case Study: Network Penetration Test

Determining the state of your business network and providing you with various recommendations that will improve your network's security

Blog Post: The Operational Reality of Opt-In Security Controls Blog Post: The Operational Reality of Opt-In Security Controls

A closer look at insecure default configurations and opt-in hardening

Description

Our Network Security Team brings together many years of education and experience in internal and external network security, including certifications such as the Certified Information Systems Security Professional and the Cisco Certified Network Analyst-Security. In addition, our consultants also spend time researching the latest industry trends, approaches and tools, writing articles, providing training sessions, as well as participating in various Network Security conferences.

We continually use our in-house lab to stay current with the newest network tools, techniques and trends. Our goal is to always use the most up to date network technology and techniques to assess your network security needs and provide our detailed recommendations.

In our Risk Management Approach to testing, we ensure that our testing never affects your production environment. We take special precautions to ensure that there is no downtime to your systems and we never perform denial of service (DoS) attacks unless you request them. As well, we can always accommodate testing of your network during scheduled maintenance windows or after business hours.

Similar to all our services, the results of the Network Security Assessment are presented in two reports: one presents a high level list of the findings for the management team to understand the findings and how the security risks impact the business and another, much more detailed report, is written specifically for the technical team who will be implementing the change(s) to the network. This detailed report includes code samples, examples, suggestions, and many other items that will help the remediation team understand both the risks and the list of action items they are required to complete.

After our Assessment Team has identified and submitted the key areas of risk within your network environment, we can follow up with a Remediation Consultation that makes sure the outlined vulnerabilities have been fixed and new issues have not been introduced.

Meet Our Experts

  • Paul O'Grady

    Paul O'Grady

    Security Consultant

    Finally gaining access to a high-value asset or getting Enterprise admin should never be the only measures of a successful penetration test. The following are equally important goals to strive for: providing detailed reproduction instructions, artifacts and trophies that confirm the presence of vulnerabilities and demonstrate the severity of their impact; recording video documentation of the exploitation process when critical vulnerabilities were identified or when several exploits are chained in succession to greater effect; working with internal resources to understand the true impact of a compromise; as well as picking up the phone and collaborating with different parties in an advisory capacity to help devise an appropriate remediation strategy, rather that applying a one-size fits all approach to remediation.

    With his broad range of technical skills and excellent leadership experience, Paul thrives on assessing complex environments from host and device configurations to solution architecture reviews. Paul keeps his skills honed through research, and attending conferences. He periodically performs training courses, including Attacking & Defending Web Application at SecTor (2010). He also presented his findings at the Securing Remote Access Solutions Seminar at ISACA Toronto (2010).

Overview

A Network Security Assessment determines all the possible network related vulnerabilities, using the most up to date network technology, while never affecting your production environment.

Key Business Benefit

We assess your network security needs and provide our detailed recommendations as well as determine the impact each of these will have on the business.

Methodology

Our Network Security Team brings together many years of education and experience in internal and external network security. Our methodology is tried and tested to provide results across multiple industries.

Learn more