Vulnerability Assessment
During a vulnerability assessment, our trained IT professionals analyze a company’s network for security vulnerabilities, or weaknesses. We investigate workstations, firewalls, servers, and wireless connections.
We approach vulnerability testing by following a proven-effective sequence of steps:
- Take an inventory of the system.
- Assign a level of importance to each component (how critical is it for the component in question to be secure?)
- Scan each component for threats and vulnerabilities, finding the weaknesses of the components.
- Prioritize the most crucial of the identified vulnerabilities to quickly improve your network security stance.
Web Application Assessment
Web server and Web applications are exposed to threats around the world. Due to the infinite and increasingly intricate threats of the Web and its public-facing nature, Domain’s Web app assessments are ongoing and occur throughout the life of the application. Domain designed this process to uncover vulnerabilities, design flaws, and more. The goal of our Web app assessment is to perform an examination of the components and security mechanisms in place to protect the application, how the components interact, and what weaknesses exist. Domain also offers services to eliminate any weaknesses detected during the assessment.
Penetration Testing (Pen testing)
We perform purposeful software attacks on a computer system with the intent of uncovering a network’s security weaknesses (how easily can data be extracted from the computer system?).
- Identify the target systems and define the goal of the testing.
- Review the available information and take the necessary actions, such as performing an attack on the system.
By completing the above, we can determine if a system is vulnerable to cyber-attacks by assessing its performance during the strenuous and purposeful attack. Performing a penetration test will put significant pressure on a network’s defenses to determine if the network can be broken down or if the security measures are sufficient. Upon completion, we create and present a high-level report to the owner and/or executives of the firm. We also provide a more detailed, actionable report to the firm’s IT department.
The main goals of pen testing include:
- Identifying crucial system vulnerabilities
- Uncovering vulnerabilities that may be hard to see from the surface
- Determining the effect an attack would have on business operations
- Testing the strength of the network’s defense mechanisms
- Determining appropriate security measures to eliminate the uncovered vulnerabilities.