External Penetration and Vulnerability Testing

Why should you contract an outside firm to test your networks?

Anyone can scan your network perimeter and probe your services for access points and vulnerabilities, isn't that one of your primary concerns? So why should you pay an outsider to do it? Here's why: an external penetration & vulnerability testing organization such as Patriot employs staff trained in anti-hacking and provides comprehensive reports and recommendations to help you improve your security measures. They use a well-conceived test plan that can be repeated as often as necessary (a) to determine whether new access points have been opened and left vulnerable (b) to verify that corrective measures you take following an initial test summary report are properly implemented (c) to distinguish between new vulnerabilities versus deviations from the baseline that are legitimate policy changes.

What does Patriot provide to address this issue?

Patriot provides clients with network security management services by utilizing a comprehensive set of applications to effectively determine potential vulnerabilities and manage the overall security of their networks.

Patriot performs an extensive series of external penetration and vulnerability testing in order to measure the exposure of the network resources and online services to attacks from the Internet and evaluate the effectiveness of the network controls, (Firewalls, Routers, Servers, etc.), in order to prevent such attacks.

The tools, methods, and techniques employed by Patriot to perform these tests are generally well known throughout both the computer security and "hacker" communities. In order to effectively identify with the ever-changing methods of the possible hackers and intruders, Patriot updates the variety of testing applications it uses on a regular basis. To avoid the risk of bringing down services during the actual testing process Patriot uses a non-destructive series of attacks that relies on banners rather than exploiting real flaws to determine if vulnerabilities are present.

Vulnerabilities or configuration liabilities discovered as a result of these tests can be viewed as those that any intruder may find while testing the network and connected systems. Tests are conducted over the Internet to determine if external network security controls, (Firewalls, Routers, Servers, etc.) are effective in preventing unwanted external intrusion. All Internet tests are accomplished from the perspective of an outsider trying to gain unauthorized access.

During the testing process Patriot notifies the client of any critical security problems immediately, in some cases providing interim reports detailing the attack along with providing recommendations for defensive measures.

Upon completion of the testing process the results of all tests are summarized into a comprehensive .pdf summary that lists the network and service layer attacks applied, a summary of all open ports along with risk factor levels, insight as to possible violations that may occur as a result of specific vulnerabilities and the recommended necessary corrective measures to provide a higher level of security for the systems, network and data, in order to facilitate a smoother and more secure flow of operation.

The summary is prepared and arranged in a format that is easy to read and understand.

The external penetration and vulnerability testing is available as a quarterly, semi-annual or annual service and is priced to meet each clients budgetary guidelines.

The only requirement that clients need to fulfill is to provide Patriot with the Network IP Range, Server IP's, and any public IP addresses that are to be tested.

To inquire about pricing for your organization please send your request via email to sales@patriottechcorp.com or telephone 310.306.7300 (Mon-Fri 8:00am-5:00pm) PTZ