What is Vulnerability Scanning and Penetration Testing?
Vulnerability scanning solutions allow organisations to determine if they have any security risks in their infrastructure setup. This may be a configuration error or a weakness in a certain application, etc. Scans can be conducted regularly and after changes to minimise vulnerabilities, they are generally non-intrusive.
Penetration testing can be done externally trying to enter in to the business or internally to see what may be at risk on the LAN. The test simulates a hacker attack and once a vulnerability has been identified, a pen tester then tries to exploit that vulnerability to see what the risk maybe, it is this exploitation by a person that differentiates Pen Tests from Vulnerability Scanning. Many auditors require a pen test as part of their assessment.
Cygnia work with Outpost 24 Vulnerability Scanning Provider:
Outpost 24 offer leading proactive security solutions in the areas of Vulnerability Management, Web Application Scanning and PCI Compliance. Outpost24’s advanced and complete technology solutions of cloud based services and agent-less appliances are easy to implement, highly intuitive and accurate, providing the lowest possible total cost of ownership (TCO).
Cygnia works with a number of penetration testing providers:
Cygnia works with a number of Penetration Testing providers. Our partners are accredited to the highest standards within the UK and hold the CESG’s CHECK and Tiger Scheme accreditations. Our partners can do external gateway , internal network, application, wireless and social engineering tests.
Honey Pot Traps
Honey Pot traps lure hackers to compromise them and alert you they have accessed the network once they have evaded your security:
Today many companies have an Intrusion Detection System installed however in practice these can be poorly monitored, take significant amounts of time to both keep updated with the latest signatures and to remove false positive alerts from the console.
Brand Damage Protection Service
The modern hacker has more techniques at their disposal than just scanning your gateway looking for valunerabilities. These can cause significant "Brand Damage" to yopur organisation:
The Modern Hacker knows you have Firewalls, IPS, Web and Email Content Scanners on the gateway and after they have checked there are no vulnerabilities in any of these systems they are going to look for other vulnerability’s.