What do hackers see when they probe your systems?

WaveGard's Penetration Testing Service provides our clients with a method for evaluating the security of their Internet network perimeter by performing real world attacks against your systems using techniques similar to those used by malicious hackers. Our process involves active identification and analysis of your systems for any known weaknesses, vulnerabilities and configuration flaws using leading edge system subversion tools such as Metasploit, Core Security Technologies COREIMPACT, Watchfire AppScan, Tenable Network Security Nessus, and others.

Identification and analysis is conducted from the viewpoint of a "malicious hacker" and with your permission, involves active attempts to exploit system vulnerabilities even if you have layers of security controls in place.

The product of this work is a complete analysis of each problem's criticality, ease of exploitation, and potential impact to the organization. Further, we provide valuable advice on ways to prioritize and correct the problems effectively helping you grapple with security requirements such as regulatory compliance.

WaveGard's Testing Methodology at a Glance:

• Step 1 -- Perform reconnaissance to discover information about the target
• Step 2 -- Perform target vulnerability scanning to uncover possible unauthorized access vectors
• Step 3 -- Attempt Server-level penetration through the firewall. This includes remote code execution exploits against each target and privilege escalation
• Step 4 -- Attempt Application-level penetration through the firewall. This includes vulnerability discovery within web application processes using multiple techniques such as SQL injection and cross site scripting attacks.
• Step 5 -- Attempt deep network access using perimeter hosts as staging points