Scribd Logo
Carica

Benvenuto in Scribd!

  • Grey Hat + Penetration Testing

    Caricato da

    Andres Acosta
    31 visualizzazioni2 pagine
    gryhat

    Titolo originale

    Grey Hat

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    gryhat

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    31 visualizzazioni2 pagine

    Grey Hat + Penetration Testing

    Caricato da

    Andres Acosta
    gryhat

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 2

    Grey Hat +

    Penetration Testing

    GRAs Grey Hat + Pen Testing (GHPT) service is a comprehensive suite designed to evaluate an organizations
    perimeter, public, and private network security. We utilize advanced techniques developed from years of expertise
    within the US government and private sector. These experiences include penetrating the networks of Americas
    adversaries, such as, terrorists and narcotics organizations.

    GHPT evaluates the network environment, server infrastructure, and human elements that comprise your
    companys information security posture. During this assessment, GRA will:

    Develop a network topology


    overview and gather intelligence
    on the companys information
    security posture

    Conduct intrusion exercises,


    penetration testing, and
    socially engineered attacks
    against all discovered
    network assets

    Assess perimeter
    and internal network
    vulnerabilities

    Identify remediation and


    mitigation steps based
    on testing

    www. globalriskadvisors.com|info@globalriskadvisors.com

    TESTING METHODOLOGY
    GHPT simulates the means and methods of a sophisticated attacker operating against an organizations
    network. Our testing components include, but are not limited to:
    BASIC NETWORK INTRUSION to evaluate the
    resources available within each network level.
    ADVANCED NETWORK INTRUSION to evaluate
    the resources vulnerable to custom attacks.
    PERIMETER NETWORK INTRUSION to evaluate
    the resources vulnerable to network hopping,
    security control errors, privileged user oversight,
    and system gapping measures.

    SOCIALLY ENGINEERED ATTACK VECTORS to


    evaluate all internal and external security controls
    to guard against basic and custom spearphishing
    campaigns.
    PRIVILEGED USER ATTACK VECTORS to
    evaluate all internal and external security controls
    as they specifically relate to threats from insiders,
    administrators, and executive privileged users.

    GRA uses a variety of automated, public, and custom tools for exploits, penetration tests, and socially
    engineered attacks.

    GHPT is part of the Network Vulnerability Assessment component of GRAs more comprehensive
    Enterprise Cybersecurity Strategy

    Network Vulnerability
    Assessment

    Prevention

    Detection

    Response

    DELIVERABLES

    Regular Status Meetings

    Interim Deliverables

    Final Reports

    Inform clients of progress, challenges,


    and changes in plans throughout the
    course of testing

    Identify extreme vulnerabilities


    that pose immediate threats to
    clients networks, operations,
    or personnel

    Present findings and recommendations


    that highlight the goals achieved
    during the testing and tailored solutions
    for mitigation

    www. globalriskadvisors.com|info@globalriskadvisors.com

    Potrebbero piacerti anche