A full end-to-end Penetration test requires considerable resources and planning typically out with small business IT budgets. The expensive part of this process is breaking into the network or system. So as alternative method Dunedin IT can perform external vulnerability assessment and then an internal one. We take the approach, that if someone was successfully breaching your network, what possible damage could be done.
A vulnerability assessment still performs some “Lightweight” penetration techniques.
- Security Scans – Ascertain what services are available on your various IT systems
- Vulnerabilities – Do these services have any known weaknesses
- Basic Passwords – Are any these services using common, simple or default passwords
- Countermeasures – What systems and process can be introduced to mitigate these risks
Penetration testing is taking the vulnerability assessment to the next level, acting upon potential security vulnerabilities.
- Exploiting – Taking information from vulnerability assessment and exploiting it
- Access – Once a vulnerability has been successfully exploited, can it grant internal access to systems or office network
- Ownership – Move from system to system in order to gain root or administrator level access and take full control
- Trophies – These trophies could be directors passwords, confidential information, accounts etc. These samples can be used to show the ramifications of the company vulnerabilities to the decision makers.
We don’t have any case studies to view but here are a selection of the organisations we have help with assessments and certifications:-
- Architectural Practices
- Technical Businesses
- Security Firms
- Design Agencies
- Engineering Firms
- Professional Services
Along with vulnerability assessments we have help organisations with Cyber Essentials and Cyber Essentials Plus. Find our more about the government backed security certification.
Why Dunedin IT?
Need guidance before inspection or certification?
Assessment that is realistic and small business budget friendly
Allow the business to understand the risks and make decisions
Assess, identify and fix – One stop solution provider
Would you like a second opinion or view from a different perspective?