Penetration testing helps organizations detect system weaknesses and vulnerabilities in advance of internal and external attacks. Proactive penetration testing can be performed periodically to evaluate system defenses, assess security policy enforcement and ensure critical assets are properly protected.
Vanguard Penetration Testing services discover high-risk vulnerabilities, determine if sufficient defenses are in place, offers remediation guidance, and recommends a plan and methodology for ongoing testing.
How Penetration Testing Works
Vanguard Penetration Testing includes a rigorous review of security policies, procedures and configuration controls to identify gaps in security that could be exploited by internal and external attackers. Vanguard security consultants determine the current security posture of the enterprise environment.
Vanguard Penetration Testing includes:
- Reconnaissance utilizing network mapping tools, networking sweepers and port scanning tools to identify possible points of entry, including TCP and UDP ports.
- Identification of TCP and UDP services that provide appropriate transport layer protection.
- Vulnerability scan and analysis of discovered network services, applications and functionality on targeted systems.
- Analysis of identified exploitations of systems and services on the network layer and applications running in the environment.
- Analysis of identified exploitations from within z/OS to attempt privilege escalation.
- Comprehensive report with details of penetration vulnerabilities, severity rankings, remediation instructions, and plans for ongoing testing.
Highlights
- Identifies penetration risks on z/OS Security Servers.
- Protects security and ensures compliance.
- Ensure procedures meet industry and regulatory standards.
- Provides remediation plan to correct penetration vulnerabilities.
- Transfer knowledge to security staff.
