Birmingham 0121 647 6565
London 0207 871 9995
Email info@cygnia.co.uk
0121 647 6565 Birmingham
0207 871 9995 London
info@cygnia.co.uk

Penetration Testing

What is Vulnerability Scanning and Penetration Testing?

Vulnerability scanning solutions allow organisations to determine if they have any security risks in their infrastructure setup. This may be a configuration error or a weakness in a certain application, etc. Scans can be conducted regularly and after changes to minimise vulnerabilities, they are generally non-intrusive.

Penetration testing can be done externally trying to enter in to the business or internally to see what may be at risk on the LAN. The test simulates a hacker attack and once a vulnerability has been identified, a pen tester then tries to exploit that vulnerability to see what the risk maybe, it is this exploitation by a person that differentiates Pen Tests from Vulnerability Scanning. Many auditors require a pen test as part of their assessment.

In an increasingly uncertain world that is relying more on data and communication, organisations need to be more careful than ever that their security is up to the task of protecting their assets and to also safeguard their customers, suppliers and the general public. Cygnia offers a comprehensive range of security testing services that test all aspects of an organisations security with a full report and remediation advice for their management team.

External Vulnerability Scanning

Nearly all organisations will have at least one internet connection, often running multiple services such as VPNs, email, web surfing, web servers, etc. Having your servers and network available over the internet is important for communication and data transfer however, it does open the door to potential security threats and hackers.

Cygnia’s External Vulnerability Scanning seeks out security flaws on public facing services and network equipment to see if and where a system could be exploited or threatened. The service is provided remotely by one of Cygnia’s highly trained security consultants using the Cyberscheme methodology generate a report so that the organisation can confirm the status of the security and make any needed changes.

External Penetration Testing

External penetration tests take vulnerability Scanning to the next level. Not only does a penetration test look for security flaws in public facing services and network equipment additionally our highly skilled consultants test to see if these flaws can be exploited. Penetration tests use different techniques and work in a very similar way to an actual hacker but with agreed parameters and boundaries so not to disrupt or compromise the organisation being tested. Cygnia’s External Penetration Test uses the Cyberscheme methodology which is accredited by CESG.

Internal Penetration Testing

Internal penetration tests are designed to emulate the risk of an attacker who has breached the network defences from a remote location, inside the premises or connecting to the WiFi from outside the building. The test is designed to analyse how easy it is to compromise the network or system and what information they could access and take. Further testing includes escalated permission, this emulates the malicious insider and what they could do.

Cygnia provides Internal Penetration Testing through their highly trained consultants and a scope is agreed before a test is undertaken to ensure its success. A report is produced that details if and where any issues exist and addresses them.

We knew the technology could do the job and was reasonably priced. What won us over was how helpful Varonis and Cygnia were. They were really keen to help set up a demo, and were able to move quickly to get us up and working in a matter of days.

Karl Kroger – Data and Security Administrator, Ipswich Hospital NHS Trust

Having worked with Cygnia for a number of years, we trust them to advise on our security infrastructure. Their recommendations on defending against cyber attacks is critical to our business. We are already seeing the benefits of this new technology and could not be happier with the implementation process.

Paul Stern – IT Network and Security Manager, Arriva Trains

Network security is imperative to C24, it is one of the defining areas of our business. The expertise of Cygnia around this area provides us with comfort, and in turn has allowed us to reassure our customers that their security is covered. We have also come to recognise that the service provided by Cygnia is, in our opinion one of the best in the industry.

Paul Hemming – Managing Director, C24

Implementing a Direct Access solution has made remote working much simpler for council employees; this has seen double the amount of people using the service. As a result the authority will save money by being able to consolidate its property portfolio and staff have benefited from greater flexibility in their work arrangements.

Gavin Booth – Telecoms Service Manager, North Yorkshire County Council

Cygnia’s Managed Firewall Solution has provided us with a great service. Our security is taken care of by experts, so we can focus on running the business.

Infrastructure Manager, DP World London

Cygnia have provided excellent consultancy services and have always responded quickly to support queries and issues.

Pam Rowley, Infrastructure Planning Manager, Staffordshire County Council

If you are looking for a proactive partner to advise you on the latest security vectors and help you get the most out of your Check Point investment I can certainly recommend Cygnia. Their Account Managers, Technical Consultants and Support Team have all been first class.

David Moore – Head of IT, Chiltern Railways