Information is your company’s greatest asset. Protecting that information is one of your company’s most important responsibilities. Ensuring your networks are not vulnerable and that your information is safe is the first step toward growing a strong and secure business. Prudential Associates’ information security specialists can help give you peace of mind in helping to keep your most valuable information safe and secure.
Recurring Security Analysis
Network vulnerabilities and computer viruses are developed on a daily basis, and the only way to protect yourself from these threats is to stay one step ahead of them. The Recurring Security Analysis Package from Prudential Associates continuously monitors your systems for new threats and notifies you should any action need to be taken to further service your network.
Basic Network Security Assessment Package
The Basic Security Package includes the most vital vulnerability scans, security analysis, and technical reports. We use a wide range of tools and tests developed over the years through penetration testing experience with high-profile clients. The package itself does not include penetration testing, but the information from the basic package provides a realistic perspective on your network’s information security. The Basic Security Package is a high-impact vulnerability assessment package that includes comprehensive testing for over 12,000 network vulnerabilities.
Technical Aspects of the Basic Package:
- Detailed network mapping and systems identification
- Information-gathering attacks probing ICMP, UDP, and TCP services
- Thorough multiprotocol TCP/IP stack interrogation of each IP address
- Identify and address vulnerabilities
- In-depth web security inspection/certify network
Advanced Network Security Assessment Package
The Advanced Security Package offers the same vulnerability tests, analysis and reporting found in the basic package, but in addition offers a penetration testing component. The penetration testing component is an elite, sophisticated service that requires the time and experience of network security penetration testing experts to break a system’s security and submit methodology documentation.
Technical aspects of the Advanced Package include all tests from the Basic Package, plus:
- Current remote exploits from the hacking underground that are too new to be included in the automated scanning tools
- Custom “bruteforce” dictionary created from website, zone information, hostnames, usernames, and optionally public forums
- Authentication system subversion auditing using high-risk dictionaries and optionally the custom bruteforce dictionary listed above. Services tested may include netbios, telnet, ftp, rsh, rexec, rlogin, pop3, http, imap, ssh, and optionally ldap, sql, oracle, and other databases.
- Manual web security inspection- testing of custom CGI scripts that are in use
- Firewall subversion techniques including source porting, source routing, spoofing, DNS alteration, ftp bouncing, fragmentation, and other network voodoo (extreme techniques)
All security packages include a detailed report of all vulnerabilities, including repair instructions, a prioritized list of action items, and a detailed network map.
Prudential Associates offers a variety of customized security solutions in addition to our standard packages. These additional services include:
- Vulnerability assessments
- Network and systems hardening
- Policy planning, development, and enforcement
- Corrective action plans
- Employee training
- Data protection
- Disaster recovery plans
- And more