External Assessment
View Datasheet
Foundstone internet security consultants follow a tried, tested, and proven methodology to conduct superior internet security assessments. By focusing on protecting the right assets from the right threats with the right measures, the highest levels of assurance and business value are achieved.
The process begins with securing internet-connected devices on your network. Foundstone internet security consultants identify and thoroughly test potential points of attack after enumerating every live host, open port, and available service. These vectors are often found in routers, firewalls, DNS servers, web servers, database servers, and even legacy hosts that have no internet-related business purpose. Foundstone attempts to identify all vulnerabilities and focuses on areas in which a compromise would have the greatest impact and create the highest risk to your business. We also understand the policies and regulations that drive the need for security, especially for e-commerce and financial services. Our analysis is not disruptive to your organization, with minimal or no impact on staff and business productivity.
Footprint Analysis and Information Gathering
The Footprinting and Information Gathering phase results in a detailed blueprint of your company's network and its internet security profile—the two major components to measuring the network's overall risk. Our internet security consultants approach footprinting without significant prior knowledge about your company's network. This allows us to achieve thorough mapping and overcome any blind spots you might have. We gather domain names, IP network ranges, and information about hosts, such as operating systems and applications.
Vulnerability Scanning
The information gathered during the Footprint Analysis and Information Gathering phase is used to perform the Vulnerability Scanning phase and penetrate vulnerable systems. Foundstone takes a holistic view of the network and chains multiple, low-risk vulnerabilities in order to achieve a high level of access into the target network. This vulnerability linking typically culminates in pilfering sensitive data such as password hashes, restricted databases, or attaining specific trophies that your company identifies.
Penetration Testing
Foundstone's penetration testing provides the most thorough test of internet defenses available. Foundstone internet security consultants scrutinize Internet systems for any weakness or sliver of information that could be used by an internet attacker to disrupt the confidentiality, availability, or integrity of internet-connected systems.
Foundstone's proprietary Penetration Testing methodology is divided into two essential phases for a comprehensive, detailed understanding of your company’s network and how best to protect your most important assets.
For those organizations that require the most thorough penetration testing activity on their networks, Foundstone offers a variety of options that include social engineering, denial of service testing, IDS/incident response validation exercises, and more.
Foundstone External Security Assessment gives you the best of both worlds by performing a penetration test as a sub-component of the External Security Assessment. This enables you to see if your network can be penetrated from the outside and gives you a comprehensive list of all security vulnerabilities on your perimeter network.
Foundstone offers a Vulnerability Assessment that utilizes Foundstone’s award winning Foundstone Enterprise software. The vulnerability assessment provides a rapid and efficient inventory of the devices, services, and vulnerabilities of internet-connected networks.
This service allows an organization to schedule, contract, and execute third-party network assessments more quickly and at the lowest possible price while still gaining the benefit that comes from using the same commercial scanning tool used by some of the largest and most sophisticated security departments in the world--Foundstone Enterprise. Foundstone consultants analyze the results and develop an accompanying executive summary which details trends, architectural, and systemic issues.
Contact us to learn how our security services can help you protect your most important assets today.
