Penetration Testing

Methodology

Hackers seeking to compromise your data do not utilize commercial scanners that cost tens or hundreds of thousands of dollars. Our unique penetration testing methodology uses only manual and script-targeted attacks to identify weaknesses in perimeter or internal security.

Critical Assets tests commonly known vulnerabilities, various iterations and patch levels of those vulnerabilities, and common misconfigurations. This approach will better align your organization with the other technical controls required when complying with standards such as PCI-DSS, providing a framework for measured response. The Payment Card Industry Data Security Standard mandates that organizations that handle cardholder data perform external, internal, and web application penetration testing, specifically:


  • 6.6 - For public-facing web applications, address new threats and vulnerabilities on an ongoing basis and ensure these applications are protected against known attacks by reviewing public-facing web applications via manual or automated application vulnerability security assessment tools.
  • 11.3 - Perform external and internal penetration testing at least once a year and after any significant infrastructure or application upgrade or modification (such as an operating system upgrade, a subnetwork added to the environment, or a web server added to the environment).
