Comprehensive network penetration testing
A TierFive penetration test mitigates any potential threat or damage by preemptively identifying the extent to which a system can be compromised before an actual attack occurs. TierFive’s security group boasts credentials second to none; with verifiable top secret federal clearances.
Penetration Test Overview
- Scope Determination – its vital that we determine your organization’s needs, document any agreed upon rules of engagement parameters, set expectations and deliver accordingly.
- Discovery Phase – scour whois databases, war dialing, port sniffing passive active scan tools, to obtain as much information as possible about the target. We also leverage on traditional means such as social media sites, blogs, Usenet postings and Social Engineering tactics.
- Enumeration Step – utilize discovery results such as domain names, ip schema, hardware preference, vendor preference and leverage in order to actively obtain account names, user names, network share information, application version information, determine running services, (Our Scope is limited only by previously agreed-upon rules of engagement)
- Vulnerability Mapping – TierFive’s security group will map the profile of the target environment to publicly known, or often identify unknown vulnerabilities.
- Exploitation Testing will exploit any identified vulnerabilities in an attempt to circumvent security and gain privileged access to the target system. TierFive employs parallel but mutually exclusive automated tactics and the art of actual manual testing.
- Report Findings we fully document all methodologies findings and a prioritized matrix of actions, work efforts, and resolution recommendations. TierFive will formally report to the technical point of contact, review and provide clarification at the conclusion of testing.
- Remediation Support – TierFive is available to provide additional support for findings and implementing recommendations, or any remediation efforts.
What Sets TierFive Apart?
Our tests can range to meet client needs from high-level network security overviews to actual attempted “hacking” with the intent of obtaining investigative information from within your network via a technical exploit or social engineering. TierFive also provides our most security conscious clients with ongoing perpetual penetration services and monthly certification.
The TierFive Advantage
TierFive can either work in conjunction with your IT resources or completely autonomous as a litmus test. Our approaches are specifically designed to gain access to your network and information assets in the same ways that a hacker inevitably will. Our deliverable will fully document methods, exploits, results and provide solution path.