External Penetration Testing
External network penetration testing aims to identify the security risks in systems exposed to the Internet. Verizon's latest Data Breach Investigations report cites external attacks as being the cause of 92% of all recorded data breaches. 96% of these breaches were thought to be avoidable through simple or intermediate controls.
ReactionIS can help identify areas of risk and protect against the threat of these types of attack. A program of regular penetration testing can prevent such attacks and save time and money in recovering from a breach.
Systems available on Internet-facing networks will contain a wide variety of platforms, software and technologies. However, ReactionIS commonly uncover vulnerabilities in the following areas during external network penetration tests:
- Default or weak accounts/passwords
- Insecure database services
- Vulnerable remote administration services
- Weak file transfer and communications services
- Mis-configured network devices (including routers and firewalls)
- Vulnerable Unix services
- Potential for DoS (Denial of Service) attacks
- Privilege escalation attacks
- Vulnerable web server software
- Vulnerable DNS (Domain Name Service) servers
- Buffer/Integer overflow attacks and format string attacks
- Unnecessary/insecure network services running
Please get in touch for more details.