Valicom Net and our business partner Logosnet Services LTD joint expertise to offer Penetration Tests & Vulnerability Scans at affordable prices.
Penetration Test (Vulnerability Scan)
Relatively low cost. Depending on scope
Regulation Requirements: PCI DSS 11.2
A vulnerability scan is performed using a combination of automated approved tools. A Managed Security Service Provider (MSSP) or qualified technician then manually reviews and confirms the results.
Vulnerability scans should be conducted continuously, but at least quarterly, especially after installing new equipment or making any other significant changes.
Vulnerability scans identify areas of risk either within your network or areas outside of your network that could be exploited by a hacker.
Penetration Test
Regulation Requirements: PCI DSS 11.3
11.3.1 for External Penetration Testing
11.3.2 for Internal Penetration Testing
Moderate to high cost
A penetration test is a simulated attack against your network infrastructure or information systems that attempts to evade or overthrow the security features of system components. It is designed to exploit discovered weaknesses and determine your level of risk. It can be performed internally or externally.
A penetration test is performed by a “Hacker” or “Ethical Hacker” who is skilled at accessing systems and networks using a variety of tools and techniques. Vulnerability scanning may be utilized by an ethical hacker as one method of finding potential attack vectors.
On average, penetration tests should be performed at least once a year and especially after installing new equipment or making any significant changes. Effective 1/2018, the PCI DSS will require service providers to test segmentation bi annually.
Summary
A vulnerability scan is typically automated, while a penetration test is a manual test performed by a security professional. Here’s a good analogy: A vulnerability scan is like walking up to a door, checking to see if it is unlocked and stopping there. A penetration test goes a bit further; it not only checks to see if the door is unlocked, but it also opens the door and walks right in.
How can we help your Company?
- Identify your actual security posture
- Identify Weaknesses
- Align with industry security standards (e.g. PCI-DSS)
- Raise security awareness
- Mitigate your overall cyber risk
- Collect and document all findings in a well-structured report
Package A: Up to 50 Assets good for most of SMEs:
- External and Internal Penetration Testing
- Web Application Penetration Testing
- Wireless Penetration Testing
- Remote Access (VPN) Penetration Testing
Contact us for pricing.
Package B: Unlimited Assets
good for most of large enterprises:
- External and Internal Penetration Testing
- Web Application Penetration Testing
- Wireless Penetration Testing
- Remote Access (VPN) Penetration Testing
- Social Engineering
Contact us for pricing.