where policy meets technology

  

( (01344) 780000   * info@armana.co.uk 

 

 
 
 

Penetration Testing

"You can't manage what you can't measure"... When an organisation is looking at their overall situation as far as systems and network security is concerned, often the first step is to understand where they are today in terms of systems and potential vulnerabilities that may exist on those systems. From this it is possible to draw up an action plan of how to address and minimise those risks. Often vulnerability assessment forms part of a gap analysis to see how compliant an organisation is with their security policy or against a standard such as BS7799.

Armana's consultants have a great deal of experience in providing such services and recognise that there is a "practical" side to any such service. After performing the consultancy, a report is produced which outlines any risks or vulnerabilities found together with an explanation of how these may practically impact an organisation together with recommendations for minimising such risks.

Armana is pleased to offer two services:

Vulnerability Assessment
 		 A vulnerability assessment is the identification of potential weaknesses in a system or systems that could be exploited to gain access to or steal data from the system in question. Using a range of commercial and public-domain tools, our consultants will quickly test the systems to identify any such vulnerabilities. The key skill is that, once the scans have been run, a "real-world" interpretation is put on the results to accurately inform you as to the real vulnerabilities. This service can be performed on site or across the Internet as required. A full report is produced which outlines any vulnerabilities found, their potential impact and also, where possible, instructions and advice on how to fix them, or at least minimise the impact of a breach.
 
Penetration Testing Penetration testing takes the vulnerability assessment to the next level. Once a scan has been performed to identify potential vulnerabilities, these are then exploited by one of our consultants to try and gain access to the system or systems in question. The testing then goes further to include (should you so wish) social engineering attacks (still one of the most successful forms of attack). Again, once complete, a full report is produced which outlines the results of the various tests and also suggested fixes. A presentation can also be prepared and given to executive or technical audiences.
 
 

 

 

 

 

 

 

 




 

 

 

More Information
Contact Us