The challenge for any IT organization is to assess and prioritize information security vulnerabilities as they would be by an adversary practiced in cyber hacking tools and techniques. This requires a different perspective, tools and expertise than what traditional IT resources have on the team.
Dell SecureWorks Penetration Testing (Pen Test) services help you test your network security defenses and meet compliance with government or industry regulations. A penetration test (also known as ethical hacking) determines how well your organization's security policies protect your assets by trying to gain access to your network and information assets in the same way a cyber attacker would.
Leveraging elite cyber threat intelligence, we know what cyber-attacks are out there, and which are the most commonly used against institutions like yours. Our tests are finely tuned using this unique expertise and this translates into a more focused and effective penetration test.
|Achieve Compliance |
Dell SecureWorks Penetration Testing helps your organization meet annual compliance requirements.
|Test Your Network Security |
Dell SecureWorks Penetration Testing helps your organization test its security defenses so you can enhance your security posture.
|External Testing |
Dell SecureWorks can perform remote, external pen testing of your environment for weaknesses that could be exploited by an outside attacker.
|Internal Testing |
Dell SecureWorks can perform onsite penetration testing to evaluate security controls in place across your internal systems, applications, and internal corporate networks.
With Dell SecureWorks you can:
A penetration test subjects a system to real-world attacks selected and conducted by our security consultants. The benefit of a penetration test is to identify the extent to which a system can be compromised before an actual determined attack.
The Basic Penetration Test evaluates your network security defenses, helps you meet your compliance mandates for network testing, validates your configuration and patch management, and identifies the steps you can take to improve your security.
A Basic Pen Test will help you meet compliance requirements and validate for specific security risks that exist. Helps you prioritize remediation based on real risk to your organization. Leverages penetration testing resources and a vulnerability assessment in a combined service.
"How can I meet compliance and understand what risks I should prioritize for remediation?" "Can someone break into these systems?"
Scan a range of IPs looking for listening ports.
Glean as much information as possible from those open ports.
Catalogue known vulnerabilities for services found in previous steps.
Use consultants' expertise and years of security experience to verify findings.
Run exploit code to take advantage of found vulnerabilities.
The Full Penetration Test simulates a network-based attack to test your network security defenses, policies and practices, and provides the steps you can take to improve your security.
Assess your security posture. Test networks, systems and applications for security gaps and risk for purposes of improving the overall security posture of the organization.
"How can I assess the state of my security posture?" "Can someone break-in and what could one attain?"
Thorough searches of the various databases, scan tools, etc, to obtain as much information as possible about the target organization.
Actively trying to obtain user names, network share information and application version information of running services, limited only by agreed-upon rules of engagement and scope.
Map the profile of the environment to publicly known, or, in some cases, unknown vulnerabilities. Dell SecureWorks has a dedicated research department, which is constantly combing the "blackhat" community for new and emerging vulnerabilities.
Verify discoveries through professional IT Security consultants with years of security experience.
Gain privileged access to a target system by exploiting the identified vulnerabilities. The key to this phase is manual testing. No automated tool can duplicate the testing of an experienced penetration tester.
Use local vulnerabilities to gain the highest possible rights on the exploited system.
Use exploited system to execute previous steps, bypassing perimeter security.
The Dell SecureWorks Penetration Testing Final Report will incorporate all information security control area findings.
The report includes the following sections:
Recommendations are based on these root causes and prioritized for a risk-based remediation with an estimation of relative work effort. Any strong controls in place that have been identified are described, as well as their impact to the security of the organization. Descriptions of techniques used and the causes of success or failure are detailed, as appropriate.
Dell SecureWorks uses its own proprietary risk ranking methodology, which is designed to be easy to understand. This methodology presents risks as High, Medium and Low based on many factors, including ease of exploitation, information obtained or access granted.
Contact an Information Security Consultant at Dell SecureWorks for a further discussion on how we might be able to help with your specialized security needs.
Based on your interest in a Penetration Testing, you might also be interested in:
By completing this form you'll be opting in to receiving future communications about products and services from Dell SecureWorks.