Penetration Testing
DataSure24’s Security Analysts conduct vulnerability scans to identify gaps in a company’s security program. The results are used to attempt exploits against the organization, mimicking a real-world scenario of what could happen if gaps in security are left unaddressed.
Penetration Testing follows a five-step methodology, with the procedures involved in each step driven by the specific needs of the individual company.
Planning
Scoping, boundaries, communication procedures, authorizations. Identify the best approach for testing.
Discovery & Identification
Enumeration of assets, ports, and services via vulnerability scanning and manual information gathering.
Vulnerability Assessment
Analyzing information gathered for all assets and creating an appropriate exploitation plan based on the target network(s).
Exploitation
Utilizing the constructed plan to illustrate the true risk that the identified vulnerabilities present to the customer's network. The exploitation is conducted using both manual attempts and automated tools.
Reporting
Provide a report containing high-level takeaways, executive summary, and in-depth details of how each phase proceeded. Review meeting held to go over results with the client.