Perimeter Security Assessment & Penetration Testing

Blog: CheckPoint Zonealarm Anti-virus exploit zero-day by illumant (View Blog)

Local Exploitation of WCF Services within ZoneAlarm Anti-Virus Software to Escalate Privileges (Click here to view post)

Perimeter Security Assessment & Penetration Testing (PSA)

External vulnerability assessment, Manual Validation, and Penetration Testing of internet-facing networks, systems, sites, and applications (i.e., the hacker’s perspective). Includes identification, Manual Validation, and benign exploitation of vulnerabilities, along with actionable recommendations for remediation and improved security. Provides assurance that internet-facing networks and systems are protected against hackers and malware.

WHY ILLUMANT?

^#1We're the best ‐ We're not just making this up. Our clients tell us that we're the best pen-testing firm they've worked with. And we have some great clients.

0Zero-days ‐We don't just find the vulns that everyone already knows about, we find new and undiscovered vulnerabilities as well – meaning with us you are ahead of the hackers.

Outstanding Deliverables – We take pride in producing highly informative and visually appealing reports. Following our recommendations will significantly improve your security.

OUR CLIENTS

Get a Quote

Highlights

Penetration testing using custom-built and known exploits to determine actual severity.

Illumant's pentesting and manual testing techniques are continually updated through research and participation in hacker forums and conferences (e.g. BlackHat, DEFCON, SANS)

Manual testing to identify additional vulnerabilities missed by automated scanning tools.
Testing can be conducted overtly or covertly (with or without notifying IT and security personnel).
Industry-leading open-source and commercial vulnerability discovery tools.

A cross section is used to limit exposure to the limitations of any single tool, and reap the benefits the strengths each tool provides

Manual validation to eliminate false positives and confirm findings.
Scanning to baseline vulnerabilities and security risks
Classification of severity of findings
Remediation recommendations
Benchmark analysis of results vs. industry
Free retesting within six months of the initial assessment.

Targets

Internet-facing networks, systems, applications, services, ports, and protocols:

Web sites
Web applications (non-credentialed testing)

For credentialed testing see Web Application Security Assessment (WASA)

Servers
VPNs
Firewalls
Border Routers
Internet-facing services (FTP, Telnet, SSH, and many more)
100,000+ known vulnerabilities, client-specific vulnerabilities in custom applications, configurations and software

External Vulnerability Assessment Manual Validation Penetration Testing Practical Remediation Advice exploits

Internet-Facing Systems/Networks Web Sites Web Applications (without credentials) Servers Routers Firewalls VPNs

PCI HIPAA GLB NERC CIP Best-Practices

External

External/Internal

Internal

Platform-specific

Organizational

Other

Blog: CheckPoint Zonealarm Anti-virus exploit zero-day by illumant (View Blog)

Perimeter Security Assessment & Penetration Testing (PSA)

^#1We're the best ‐ We're not just making this up. Our clients tell us that we're the best pen-testing firm they've worked with. And we have some great clients.

0Zero-days ‐We don't just find the vulns that everyone already knows about, we find new and undiscovered vulnerabilities as well – meaning with us you are ahead of the hackers.

Outstanding Deliverables – We take pride in producing highly informative and visually appealing reports. Following our recommendations will significantly improve your security.

Highlights

Targets

Assessments

Compliance

Security Awareness Training

Other Links

Contact Information

Currently in Palo Alto