What is Infrastructure Penetration Testing?
Infrastructure Penetration Testing is a simulated attack to test security flaws within a company. It can be either internal to your network or externally internet facing.
Through this process, Vectra will work hard to find any weaknesses and also locate gaps between policies and procedures.
By identifying threats to security, companies are able to fix issues before an attack occurs. Being proactive about security shows your commitment to keeping data protected.
Vectra will provide a report on how to improve your security to stop any data breaches from internal or external attackers.
How is the test performed?
Vectra performs assessments by simulating attack in 2 ways.
- Internal – testing whether secure areas of your network are separate from a standard user’s environment. In essence, ensuring your card data environments are different from your day to day data.
- External – reviewing your firewall’s ability to restrict access to non-authorised users while allowing access for authorised users.
Being a leader in this field, Vectra has developed a 6 step approach to infrastructure pen testing.
- Information Gathering – collecting data to prepare a security attack
- Threat Modelling – designing ways to test the weaknesses
- Vulnerability Analysis – defining the possible points of entry
- Exploitation – attempting to gain sensitive data
- Post Exploitation – evaluating the level of risk based on known weaknesses
- Reporting – providing a detailed report of strategies to improve your security
Our approach ensures weaknesses are found so an improvement process can occur. Vectra will provide a detailed report and propose the best way to fix any security threats.
Benefits of Infrastructure Penetration Testing
Once our 6 step process is complete, you can enjoy these benefits:
- Increase in company data security
- Assurance you’ve met compliance requirements for PCI DSS, SOX, GLBA and HIPAA
- Assurance customer data is safe