Facebook Twitter Linked In
Panacea InfoSec

Panacea InfoSec has been performing Network Penetration Testing for its customers for over 5 years. Our team is highly experienced and trained in the latest tools and techniques used by individuals and organizations that commonly compromise networks and the systems within to obtain access to confidential data and critical resources. The results of every Penetration Test presented by Panacea InfoSec include complete details on the systems and network identified, exploitation results, and both tactical and strategic recommendations.

External – Network Penetration Testing

The core ideal around our Network Penetration Testing methodology is to organize and to iteratively test the target environment from the most general components to the most specific. In this way we can effectively model attack scenarios that highlight risk from the largest, most complex environments down to the most simple, and anywhere in between. The entire testing process is primarily manual to limit generic results from scanners and checklist methods used in general vulnerability assessments. In this way Panacea InfoSec can focus the engagement on directed attack logic based testing against systems and networks.

Internal – Network Penetration Testing

Internal threats comprise the greatest risk facing many organizations today. Internal corporate LAN/WAN environments are structured to allow users greater amounts of access with fewer security controls. As layers of security between a would-be attacker and sensitive data are removed the risk of compromise greatly increases. Panacea InfoSec  will work with you to structure an internal penetration test in a way that meets your business needs, and creates minimal business impact. Keeping with the structured methodology for penetration testing, Panacea InfoSec maps the same iterative approach to the internal network. For internal testing the most common test design is to have a Panacea InfoSec  consultant "report for work" as a regular employee or contractor, and utilizing normal to minimal system access levels that would be given to the role being simulated, iteratively test all access controls in an attempt to acquire critical data. This is only one testing option, and our security testing specialists will work with you to design the most effective testing scenario. As a benefit to our widely distributed clients, we have developed a remote probe appliance that can be placed anywhere in the world and allows our experts to remotely perform tests as if they were physically present within the environment.

The following illustrates some of the different vulnerability classes Panacea InfoSec covers during an internal network penetration test.

Penetration Methods We Test

Note: This is not intended to be a complete or exhaustive list and the actual tests performed are highly dependent on the target environment.

Secure Device Testing

There is an increased concern about the data loss perpetuated by mobile and embed devices where physically security controls are not possible. Devices such as corporate laptops, smart phones, embedded devices, and kiosks pose a greater threat if lost, stolen, or accessed via covert means. Panacea InfoSec can perform an in-depth "white box" or "black box" review of these devices and provide your organization with actionable changes to mitigate data-loss and exposure should they fall into the wrong hands.

Contact us