|
|
|
|
 |
 |
 |
Penetration Testing
| |
Is your network secure? How do you know? The only way to know for sure how your network will perform under attack is to actually attack it. White Badger Group’s team of certified security experts will launch controlled attacks against your network and prepare a report detailing what holes were found, how they were exploited, how much of a threat they are, and suggestions on how to fix them.
How does a penetration test work?
A penetration test starts with a large amount of research. Any data about your company and employees we are able to find will then be used to more effectively plan and execute attacks on your network. The next step in the test is to scan and footprint the network. Once we have gathered an appropriate amount of data, we begin attacking your network using many of the same tools that malicious hackers use. All research, footprinting, and attacking will start in a very quiet way, growing louder and more aggressive as the test progresses. This allows us to gauge what kinds of attacks your network will block, and which it will allow. By the end of the test, we will have collected enough information to prepare a report detailing everything we found, highlighting any points of concern, and how to improve your security.
Unlike some “penetration tests” performed by other security firms, White Badger Group will go as deep into your network as you want. This makes the test very much more realistic, and provides a good deal more data about the real state of security throughout your network. In some cases, we will be unable to get beyond the network perimeter (a very good thing). Should this happen, we offer a variety of ways to continue the test via a secure tunnel, allowing us to bypass perimeter security without leaving any holes for attackers.
One of the most recently popular and difficult to secure vulnerabilities is the client-side attack. These attacks don’t target the network’s perimeter or any of its services, but instead targets your end users. Statistically, even with good training, and good perimeter defenses, these attacks will be successful a significant amount of the time.
Internal Penetration Testing
The goal of an Internal Penetration Test is to simulate an attack by someone inside the organization. This attacker could be anyone who has access to any building or network in your organization. Typically, an organization’s network is weakest on the inside, precisely where these attackers will be. White Badger Group’s security experts will carry out such an attack, mainly targeting access control systems, wireless networks, and, optionally, physical security. In the end, you will know how an attacker would exploit the systems in your organization.
External Penetration Testing
An External Penetration Test aims to simulate an attacker outside your organization, who is also usually in a remote location. Such attackers may be malicious hackers from a few miles away, or a few continents away. White Badger Group’s External Penetration Test is performed exclusively from our secure facility, by our certified security experts.
Custom Penetration Testing
If your needs are more specific than either of the above offerings, we would still like to help. White Badger Group will work with you to test a specific system or set of systems. A good example of this is a new installation of IDS/IPS systems. In order to be useful, they need to be tuned, and tuning these systems can be difficult. It’s even more difficult without controlled attack traffic to reference. White Badger Group can assist in this and many other situations. Contact us to see how we can help you.
|
Vulnerability Assessment
| |
Attaining a good security stance is never easy, but it is much more difficult when you don’t know where you currently are. A Vulnerability Assessment will help nail down exactly what areas are weak and where to devote resources. White Badger Group’s team of certified security experts can cover your organization from top to bottom, or only in the areas you feel that need help.
Wireless
One of the newer risks to sensitive networks is the proliferation of cheap and easy-to-use wireless devices. Many times, people will bring in these unauthorized devices and attach them to the network without anyone knowing. And, without proper security settings (which are never there by default and rarely applied), they open the internal network to anyone within several miles. Even laptops with built-in wireless capability can be a threat when attached to your network. White Badger Group’s team will find any rogue devices in your area and alert you to their presence.
Local scan
Having strong security measures on the perimeter of your network is only the first step to having a good security stance. The best methodology is “defense in depth,” which says that any secure system should have good security measures in place throughout the system, not just in selected places. While most attackers are located outside your network, many attacks are actually executed from inside of vulnerable networks, where there are generally fewer defenses. White Badger Group can perform scans of your internal networks to find any weak points and help eliminate them.
Remote Scan
The perimeter of your network is the first line of defense against a world full of malicious hackers. The devices that make up the perimeter are often difficult to configure and rarely installed correctly. White Badger Group will perform a scan of your network’s front line to verify the proper functionality of the devices. These scans are able to be performed as a single event, or as part of an ongoing verification of your network’s security.
|
Policy Review
| |
At the core of every good security program is a well-written and current policy. The policy should drive all other parts of the security process, including technology purchases and implementations. A good policy will be a useful tool instead of a hindrance, allowing for easy fixes to existing problems, and preventing new problems from occurring. White Badger Group can help you write a new policy, or shape up your existing policy. |
Consulting
| |
If your organization has security needs above and beyond our defined services, we offer consulting at an hourly rate. Contact us and let us know how we can help make your organization more secure. |
Web Compliance Auditing
| |
Regulations govern what you need to display on your website. With our website compliance assessment, every page on your website will be checked to ensure that it is in compliance with financial consumers’ rights and privacy regulations. In addition, we will examine the website for any presentation errors. |
Education
| |
Now more than ever, the weakest link in the security of a network is the end user. Phishing attacks, viruses, rogue devices, and other threats all target end users explicitly, bypassing many other kinds of defenses. For this reason, White Badger Group offers on-site training and materials for your end users, which will help turn them from security threats, to the eyes and ears for your security team. Our training sessions and materials can be customized with pieces of your existing policies and procedures, to reinforce any rules that are already in place. |
Pricing Strategies
| |
In creating a pricing plan for our services, we decided to do something different from most other companies in our industry. Most other companies charge based on number of IP addresses and sites being evaluated. Because the number of IP addresses usually doesn’t correlate to the effort required to evaluate them, and because sites vary in size and complexity, we categorize network devices in to different classes. Each class carries with it an appropriate amount of time to fully assess the type of device you have. Pricing this way assures that you get the most efficient and thorough work done for the best price. |
|
|
|
|
|
|
|
|
All Rights Reserved © 2008 White Badger Group Inc.
test
|
|
|
|
|
|
|
|
|