** Services > Network Audit and Penetration Testing

Our services cover all the entry points that an intruder can
exploit when trying to break into systems. These include both
the Internet and internal office networks.

* External Internet Gateway Testing

Perhaps you've just made a minor change to an established Internet
gateway and need a quick check to make sure that you haven't opened
up any holes. Or maybe you're setting up a new web presence and
need a more through check of your servers, firewalls and network
components.

Our consultants use much the same technology as ethical hackers
but follow a structured methodology. This provides width as well
as depth.

* On-Site Internet Gateway Testing

An on-site review of an Internet gateway goes beyond a simple
external scan and looks for security in depth.

As well as carrying out a thorough examination of possible traffic
flows, we can assess an organisation's ability to handle security
alerts and other anomalies.

* Web Application Testing

A platform-level penetration test is all well and good, but it
won't show up vulnerabilities inherent in e-commerce and other
web applications.

We can help make sure that a user cannot gain unintended access
to data belonging to other users (or the company itself), even if
this is only at the embarrassment level. Similarly, we can examine
whether a user can break the application or disrupt the service.

* Wireless LAN Testing

Internal or external network?

A strict security policy is ineffective with a rogue wireless
LAN inside the building. An audit will show whether outsiders
can exploit wireless networking access points

* Modem Detection

How many modems does your organisation have? What do they offer
to the world at large? Are they providing a back door on to
your network that completely bypasses your carefully constructed
firewall?

We can find out for you.

* Internal Network Mapping

In larger organisations it can be hard for security managers to
get a view of the entire network for which they are responsible.

A full survey gives a clear picture of the number and types of
systems on the internal networks. This can include vulnerability
testing of key systems.

* Internet Visibility Audit

Does the outside world know more about your networks that you
do yourself?

We can find out how much of your network structure is public
information: this is often a useful precursor to a penetration
test.

* Web Application Design Review

We always recommend testing a web application before it goes live,
but sometimes there are inherent security flaws that can be hard
to fix.

This means that it is important to involve security specialists
in the all stages of e-commerce development: we can make sure a
web application is built on secure foundations from the start.

* Our Approach

We have carried out dozens of assignments, for large and small
customers, and we know what they expect from a penetration test.

* About Us

IDsec is an independent company specialising in network security,
and has provided penetration tests and intrusion detection
systems since 1997. We can assess the security of your enterprise
and advise on long-term protection: as we have for a range of
blue-chip clients in the banking, telecoms, manufacturing and
utility sectors.

IDsec Limited 31-33 College Road, Harrow, Middlesex HA1 1EJ,
United Kingdom

T: +44 20 8861 2001 F: +44 20 8861 3433 W: www.idsec.co.uk

All prices exclude VAT and are subject to confirmation.

Copyright (C) 2009 IDsec Limited

services/testing/testing.txt 20091019     (5.09)