Tuesday, April 7, 2015

Why You Need to Audit and Test Your Network

Security is a moving target. What’s acceptably secure today might not be tomorrow.

On the product side, even firewalls may have an undiscovered vulnerability lurking in the code. Recently announced vulnerabilities – such as Heartbleed, Shellshock and recent Windows fixes – were for flaws that had been sitting in the code for a decade or more and just hadn’t been found yet.

As discussed in last week’s post, threats on networks are intensifying, and your efforts to protect your business need to step up to that challenge.

Penetration Testing

To see how secure your network is, consider one of today’s security tests:

  • External: Attack from the outside and attempt to breach the network perimeter.
  • Internal: Attack from within to see what is possible if an intruder (or insider) got inside.
  • Social Engineering: Focus on whether your employees say or do something that could open a door to a breach.
  • Physical: Attempt to enter the premises under false pretenses and gain enough access to implant a remote access device, install software/malware or grab data without being detected.

Our CTG team regularly conducts either individual or a combination of security tests, working with our clients on the best approach to identify any vulnerabilities.

Monitoring, Detection and Incident Response

No matter how well you patch, secure and maintain your systems, ever-changing threats can thwart the best-laid plans and efforts. Putting your detection systems to work is just the first step.

Good detection without a solid incident response capability is nearly worthless. Just ask Target and Home Depot: both companies’ systems detected the breaches, but their response protocols were not followed or had not been fully tested.

An incident response plan mirrors many of the characteristics in disaster recovery planning:

  • Foresight to consider what can go wrong.
  • Written processes and procedures to avoid “seat of the pants” activities when it does.
  • A chain of command and reporting processes so management at all levels can remain informed and make appropriate business decisions.
  • And practice, practice, practice.

Vulnerability Scanning

Vulnerability scanning is not a penetration test; however, a penetration test includes vulnerability scanning. A vulnerability scan is an automated tool that runs basic probes and simulated attacks. With penetration testing, our highly skilled team uses its knowledge to attempt to bypass your security controls and gain access. An automated scanner can’t make tactical decisions based on the responses it receives.

That said, vulnerability scans are useful for helping to determine a device’s susceptibility to recently discovered exploits. For example, Shellshock and Heartbleed were long-standing but unknown vulnerabilities discovered in 2014. Vulnerability scanners were among the first tools to release signatures and automated tests to help discover whether your systems carried those risks.

Policy Audits

A policy audit often completes an internal penetration test. We’ll look at your written security policies (you do have written security policies, right?) and validate that they meet your targeted security posture and are implemented consistently.

Reporting and Remediation

Clients come to CTG to identify issues, and we complete each penetration test and related analysis with comprehensive executive and technical briefings. We’ll tell you exactly what we uncovered, and, more importantly, we’ll offer specific recommendations on how to enhance your network security.

Jeff Garell is co-founder of Convergent Technologies Group.
