VULNERABILITY ASSESSMENT
Internal vulnerability and penetration testing
Preventing damage or corruption to data which is crucial to your business
The internet has its benefit and downside. It created globalisation, flexibility and ease however it also creates a channel for the criminals and fraudsters to steal, damage or corrupt the data which is very crucial to your business continuity and viability.
We all prefer to do business online and as a result provide information that is confidential to us, such as, credit cards numbers, medical record, authentication data and other personally identifiable data. Consumer confidence is eroded daily from the plethora of news in the media about internet hacking, website and data compromise.
This is the case because attackers are aware of the valuable information accessible through the web and make every effort to obtain it maliciously or by exploiting any vulnerability in the application or business environment.
Undertaking internal vulnerability assessments of your business
CARG highly skilled team of security experts can undertake an internal vulnerability assessment of your business environment to identify where vulnerabilities exist in your existing technologies and business processes. Our experts adopt a technical and non-technical approach to complete the vulnerability assessment exercise.
The output of the assessment is a report which includes vulnerability type, severity level, technical explanations and remediation instructions.
CARG's team of security experts also conduct a penetration testing of application and infrastructure components within your organisation. Penetration testing activity builds on the vulnerability assessment exercise by attempting to manually exploit the identified vulnerabilities in a similar way internet criminals would have exploited the vulnerabilities.
Bespoke assessments of areas of vulnerabiity
Some of the vulnerability areas in scope are
● Parameter Injection
● SQL Injection
● Cross Site Scripting
● Parameter Overflow
● Character Encoding
● Brute Force Authentication
● ..and many more
Bespoke Assessments include;
● Web and Application Security Assessment
● Network Security Assessment
● Internal Network Audit
● Wireless Security Assessment
