CST CST 02076219740 Information & System Security
 
Security Management
Network Security
Managed Security Services
Remote & Mobile
Network Administration
METHODOLOGY

CST
Education & Training
Consultancy Services
Penetration Testing
Testimonials
CST Corporate Brochure
ABOUT CST

Security Solutions
Network Security
Managed Security Services
Remote & Mobile
Network Administration
SOLUTIONS

Alerts & Bulletins
FREE Security Bulletin
CST Security Newsletter
SECURITY ALERTS
CST 

Penetration Testing

One of the key steps to measure Operational Risk is the need to identify and understand network vulnerabilities. The end result is the same, although the motives may be different and typically embrace one or more of the following five objectives

  1. Policy mandate to undertake periodic testing.
  2. Acceptance of a new system in regards to its security stance.
  3. Validate that a previously discovered exploit has been adequately closed.
  4. Ad hoc sanity check of security precautions.
  5. Compliance & Audit directives.

Pen testing is ideal tool to improve an organisation's security posture.

Types of tests

  • Infrastructure (Public, Private, WAN's, LAN's, Mobile phone and VoIP)
  • Application (Native web apps as well as legacy hybrid systems).
  • Network (Desktop, Server, Profiles and Data)
  • RAS & VPN (lost laptop, VPN, War dialling and Wifi).
  • Social engineering (Access procedures, staff awareness and operational behaviour)

    • If you need to learn to how to conduct the tests, as opposed to subcontract the testing then please consider an ethical hacking course.

    If you require more information such as estimated costs, time scales, reference material, or availability then please use the enquiry form or contact our customer services team.
    Opinion

    "Pen testing is a specialised discipline that encompasses a lot more than simply running a Vulnerability Assessment (VA) tool. Pen tests should follow formal procedures, use a multitude of scan tools and more importantly be undertaken by experienced engineers who can interpret the VA results to create stronger cascading attack scenarios. The test should also be undertaken by staff independent of any other function to ensure the tester provide objective and impartial reports. "

    Nigel Lewis, CST

    "As a public body, network security is very important to us. As such we regularly test and verify our security precautions, one such method is to use out-tasked penetration services. CST has been providing such expert services for over 5 years ."

    Colin Milne, Senior Support Engineer
    Angus District Council

    Features & Benefits
    Features
    • Undertaken by engineers using CESG, CoCo and Crest guidelines to ensuring that the quality of test and the tester.  
    • Staff that are solely dedicated to frontline testing and operational security support.
    • All Staff operate independent from any other dept; as such there is no conflict of interest and complete dedication.
    • 10 years of experience and a mass of reference sites and customer endorsements
    Benefits
    • Detailed report, with management summaries and priority rankings
    • Cost effective, whilst testing is a specialised subject it does need to be expensive.
    • One-to-one walkthrough and discussion to fully explain results.
    • Comprehensive testing options to cover every need.
    Would you like a Product Evaluation? YESNO
    Resources
    CST Sample Report
    CST Citrix Sample Report
    Where is Your Achilles Heel?
    Infrastructure Testing
    Application Testing
    RAS & VPN Testing
    Social Engineering Testing
    FAQ's
    CST Corporate Brochure
     
    Information & System Security