Network Infrastructure

Utilizing a proven engagement methodology to meet your business and risk management goals, our custom-tailored Network Consulting Services are comprehensive and designed to identify vulnerabilities in your entire organization, not just weaknesses in your network.

Enterprise-Level Assessment Services

Network Risk Assessments

Risk Assessments are a critical foundation of any information security program and a regulatory requirement of the Gramm-Leach-Bliley Act, HIPAA, PCI-DSS, NIST, and other security standards and guidelines. Our detailed methodology identifies the confluence of assets, threats and vulnerabilities that introduce risk. We can prioritize the risks and recommend management strategies to mitigate, transfer, accept or avoid the risk.

Core Assessments

Our Core Assessments can protect your organization from liability, regulatory non-compliance and negative public image, and they can be customized to meet your specific needs.

Network Security Assessments

Our Network Security Assessments give you the best of both worlds by performing a penetration test as a subcomponent of the External Security Assessment. This enables you to see if your network can be penetrated from the outside and gives you a comprehensive list of all security vulnerabilities on your perimeter network.

We also offer a Vulnerability Assessment that utilizes MissionControl to provide a rapid and efficient inventory of the devices, services and vulnerabilities of Internet-connected networks.

Our Network Security Assessments typically include the following:

• External assessment
• Firewall assessment
• VPN assessment
• Wireless security assessment
• Social engineering
• Server configuration assessment
• Microsoft assessment
• UNIX environment assessment
• Network architecture assessment
• Mobile security assessment
• VoIP security assessment
• Physical security assessment
• Virtual infrastructure security assessment

Our network security consultants identify and thoroughly test potential points of attack after enumerating every live host, open port and available service. We focus on areas where a compromise would have the greatest impact and create the highest risk to your business. We also understand the policies and regulations that drive the need for security, especially for e-commerce and financial services. Our analysis is not disruptive to your organization, with minimal or no impact on staff and business productivity.

Information Gathering

To determine your overall risk, a detailed blueprint of your company’s network and security profile is created. We gather domain names, IP network ranges and information about hosts, such as operating systems and applications.

Vulnerability Scanning

After the blueprint is created, we perform Vulnerability Scanning to penetrate vulnerable systems. We take a big-picture view of your network and chain together multiple, low-risk vulnerabilities in order to achieve a high level of access into the target. This linking of vulnerability typically culminates in pilfering sensitive data such as password hashes, restricted databases or attaining specific trophies that your company identifies.

Manual Vulnerability Verification

Our consultants go the extra mile during our security assessment and also perform Manual Verification of the discovered vulnerabilities to minimize the number of false positives, thus saving you time during the remediation process. Manual checks are performed to ensure that the operating systems are properly identified and version numbers are correct.

Penetration Testing

The Penetration Testing phase provides the most thorough test of internal defenses available. Our consultants scrutinize all hosts in scope for any weakness or sliver of information that could be used by an internal attacker to disrupt the confidentiality, availability or integrity of your systems.

Vulnerability Analysis

The last phase of our Network Security Assessment methodology is Vulnerability Analysis. An in-depth analysis of your vulnerabilities is performed to determine the systemic causes and to develop strategic recommendations.