Penetration Testing

 

Penetration Tests help identify the genuine security posture of an organization. They use real-world attacker perspectives to simulate possible adversarial threats. They challenge the company’s security program. Most importantly, they determine the organization’s readiness to defend their networks against intrusions and attacks. With these goals in mind, Hermetic Networks offers services in the following focus areas:

  • Network Pen Testing
  • Wireless Pen Testing
  • Web Application Pen Testing
  • Application Security Testing / Static Code Analysis
  • Social Engineering (Phishing, Physical, etc.)

With your permission, Hermetic Networks would like to demonstrate how real-world attackers could exploit your vulnerabilities. Knowing your company’s true security posture is key to protecting your assets

Network Penetration Testing

There are two ways to perform a Network Pentest–from an external perspective or an internal perspective.  External Network Pentests focus on internet facing and perimeter devices, such as email servers and the company’s website. Internal Network Pentests, on the other hand, focus on your internally connected systems, such as file servers and workstations.

Hermetic Networks uses the data gathered during a Vulnerability Assessment to further demonstrate how network vulnerabilities could result in the unauthorized disclosure, misuse, alteration or destruction of confidential information. By exposing the flaws in your network’s security program, Hermetic Networks can help you identify the key areas which need enhancement, refinement, or reconfiguration.

Wireless Penetration Testing

Wireless Pen Testing is a special service requiring ‘war-walking.’ ‘War-walking’ is when an individual can easily map both authorized and rogue wireless local area network (WLAN) access points and devices. From there, an individual can capture wireless traffic and potentially access sensitive information.

As part of our full scale Penetration Testing process, Hermetic Networks will request access to ‘war-walk’ the areas in your organization which are covered by wireless access points. We analyze the wireless traffic to validate your company’s compliance with the customer organizational wireless policy, specifically keeping in mind service set identifiers (SSID), encryption and other factors.

Physical Penetration Testing

Your company’s physical security deserves as much scrutiny as its virtual security. Hermetic Networks administers Physical Security Tests upon request. ‘Real world’ exploits could involve examining your establishment for weaknesses. Our audits check your environment for potential security flaws.