Elevate offers both Internal and External Network Vulnerability testing that will identify the weaknesses in network security without the usual dangers of exploitation or more intrusive testing. The Internal Vulnerability Assessment examines the internal network systems for any weakness that could be used to disrupt the confidentiality, availability, or integrity of the network. Penetration tests are different from vulnerability assessments because they add manual exploitation of vulnerabilities to determine what information is exposed and for lateral movement through the network to identify additional weaknesses within your systems and networks.
Elevate follows a phased and methodical approach to effectively and efficiently perform the tests. The steps include:
– Servers – Elevate performs detailed vulnerability discovery and scanning using a comprehensive suite of commercial and open source tools targeting server-based systems.
– Workstations – In addition to the comprehensive security testing executed on the server based systems in the environment, this phase executed thorough vulnerability scanning, confirmation and manual testing techniques targeting a representative sampling or entire population as requested by you.
– IP Enabled Devices – In addition to the server and workstation testing, if requested Elevate will perform the vulnerability scanning across additional IP-enabled devices (e.g. printers, phones, cameras, network device management) within the address ranges specified.
Identified vulnerabilities are reviewed and validated internally and with you in an effort to eliminate false positives. Manual testing procedures are also executed to identify flaws not easily identifiable with automated tools and coordinated and controlled exploitation of targeted issues were performed to demonstrate impact and allow for further vulnerability exploitation exercises.