Network Penetration Testing and Vulnerability Assessment

Network Penetration Testing and Vulnerability Assessment

Canaudit is a trusted authority on network penetration testing in the cybersecurity industry. We have the unique advantage of over 30 years of experience, specializing specifically in penetration and vulnerability assessment techniques.

Network Penetration testing and vulnerability assessments expose weaknesses within a network and can indicate whether an organization’s security systems effectively protect valuable assets. Our methodology includes simulations of real life attacks to uncover security gaps that can be exploited, leaving your organization at risk. Detection and response time are critical elements of our evaluation, ensuring that if there is a data compromise, your organization is prepared to act.

Our testing goes beyond the regulatory benchmarks. Our experts have first-hand knowledge of the methods and channels through which systems are most often exploited. During vulnerability assessment testing we employ the best automated vulnerability scanners and proprietary tools coupled with manual vulnerability and risk verification processes to comprehensively identify and document organizational risks. Our goal is to keep your proprietary assets safeguarded against cyberattacks and malicious use while transferring knowledge and acting as a guide for strategic remediation against today’s top risks.

Penetration testing and vulnerability assessment testing can be conducted on an announced or unannounced basis and can include the following:

  • Internal Network Penetration Test and Vulnerability Assessment
    The internal network testing will review the security of an organization’s internal network against vendor recommendations and industry best practices. This assessment includes an examination of the security on the Windows system, UNIX/Linux systems, network devices, and databases on the internal network.   This assessment may also include service accessibility, use of access control lists, patching, configuration weaknesses, user enumeration, account controls, attack detection and response, and unencrypted services.
  • External Network Penetration Test and Vulnerability Assessment
    The internet testing will review the security of an organization’s internet-facing hosts and services against vendor recommendations and industry best practices. This assessment includes system and service accessibility, use of access control lists, patching, configuration weaknesses, user enumeration, account controls, attack detection and response, and unencrypted services.
  • Wireless Penetration Test and Vulnerability Assessment
    The wireless testing will review the security of wireless networks and management solutions against vendor recommendations and industry best practices. This assessment includes an examination of wireless encryption protocols, wireless passwords, rogue access points, and improper network segmentation.
  • Web Application Penetration Test and Vulnerability Assessment
    The web application testing will review the security of web application against vendor recommendations and industry best practices. This assessment is recommended for site commissioning, third-party assurance, post-attack analysis, and audit and regulatory purposes where a high-quality, thorough, independent review is required.
  • Dial-up Penetration Test and Vulnerability Assessment
    The dial-up testing will review the security of any installed modems against vendor recommendations and industry best practices. This assessment includes an automated modem scan, also known as a war dial, of the organization’s phone numbers and examination of authentication and lockout controls on any identified modems.