Risk Assessment or Intrusion test services

What is an Intrusion test

An intrusion test is a method of evaluating the security of an information system by simulating an attack by a malicious hacker. It generally aims to highlight the weaknesses of the company's security processes and policies. This analysis is carried out from the position of a potential attacker, by ethical hackers, who are hired and mandated by the company, and can involve active exploitation of information security vulnerabilities.

An intrusion test aims to check the ease or difficulty for an intruder to access the company's information system.

Why conduct an intrusion test?

An intrusion test helps to know if the company's informational assets are vulnerable to intruders' attacks and determine what should be the corrective measures.

The tests performed will enable you to answer to the following questions:

• Is confidential data well protected?
• Is it possible to get an unauthorized access to our informational assets (Web site, corporate network, etc)?
• Is it possible to order fraudulently products on our E-Business site?
• Can one customer fraudulently access another customer's account?
• Can someone perform a denial of service attack on our Web sites or networks?
• Can a hacker take control of our assets?

What type of intrusion test can Above Security do for you?

A broad range of intrusion test (also called penetration tests) are offered by Above Security. These tests are performed by our security consultants in a safe and controlled environment, by using the same techniques as computer hackers.

Intrusion test apply to the informational assets like:

External Network. A vulnerability assessment and impact of a potential external attack on the company servers or devices, which are accessible from the outside, such as Web servers, Domain Name Servers, email servers, VPN access points, perimeter firewalls, routers, etc.

Internal Network . A vulnerability assessment and impact of an intrusive attack performed by a regular user or an intruder, on all the internal servers or devices such as domain controllers, internal Domain Name Servers, internal email servers, Intranet servers, user workstations, internal firewall, etc.

Web Application. A vulnerability assessment of the connection requests to the data bases, dynamic forms, users sessions, authentication and authorizations management, N-tiers applications, etc.

Wireless Network. A vulnerability assessment of potential security gaps or flaws in the design, implementation or operation of the organization's wireless network.

Telephony Network . A vulnerability assessment of the telephony infrastructure such as PBX systems, dial-in modems, Servers with dial-up maintenance, VoIP, wardialing, etc.

Above Security offers state-of-the-art technologies, processes and expert advice in information security to help your business reach its objectives.

To know more about how we can enhance your organization's information security fill the form below