Evaluate
Infrastructure Security
Network / Cloud Evaluation
Resolve all identified issues with expertise and precision
Reduce risk, costs, and legal liabilities as a result of Cyber
Protect your reputation, clients and data from adversaries
Network/Cloud Evaluation Methodology
During a network/cloud evaluation, Sentry examines any identified vulnerabilities to determine whether they can be exploited by an attacker to compromise targeted systems or used to gain access to sensitive information. Host and service discovery compiles a complete list of all accessible systems and their respective services with the goal of obtaining as much information about your internal, Intranet assets as possible. This includes initial live host detection, service enumeration, and operating system and application fingerprinting. In particular, the discovery process will focus on identifying critical assets and major technologies in the environment such as Active Directory, ACS, and critical applications and databases.
Internal Networks
Port Scanning
Fingerprinting
Services Probing
Vulnerability Testing
Manual Verification
Firewall Testing
ACL Testing
Show your partners and clients that you care with an executive security report and exclusive website badge
Identify security vulnerabilities affecting your applications
Understand the risk posed by identified vulnerabilities
Show your clients and stakeholders you're secure
White Box Testing
In white box testing, conversely, the client shares in-depth knowledge of the internals of the systems being tested. That understanding is used to simulate attacks that directly assess how secure the systems actually are.
The benefits of this method are as follows:
Highly Effective – Guarantees a much larger and detailed coverage of assessment
Expert Recommendations – Maximizes remediation quality.
Black/Grey Box Testing
This methodology requires no or minimal prior information about the target network or application. it’s a real-world hacker attack scenario. It’s preferred because it enables the security experts to look at various levels of security controls from an attackers perspective. This is usually the best approach because it enables security teams to think out of the box and perform tests on all levels according to practical expertise and knowledge.
The benefits of this method are as follows:
Realism – Emulates how a real cyber attack would affect systems.
Rapidity – Guarantees speed and adheres to industry standards,
Internal Network and Port Scanning
System Fingerprinting
Services Probing
Manual Vulnerability Testing and Verification
Manual Configuration Weakness Testing and Verification
Firewall and ACL Testing
Administrator Privileges Escalation Testing
Network Equipment Security Controls Testing
Database Security Controls Testing
Technical Report
We document all findings on a technical level in order to increase the remediation efficiency. Our documentation helps your developers understand the origins of identified vulnerabilities, and includes detailed steps on how to mitigate vulnerabilities according to industry standards.
Executive Summary
An executive summary will be professionally written specifically for your organization, outlining the successes during the engagement, remediation efforts, and an expert opinion by one of our senior staff members on the security and safety of your technologies which can be shared and shown to all clients, partners, and stakeholders.
Strategic Recommendations
As part of our Security Testing activities, we provide extensive cyber security consulting for management and executives in relation to their technology in an effort to address identified issues in order to empower their technological departments, reward cyber security initiative, and allocate resources towards security.
Free Follow-up Testing
After each security assessment is completed, meaning that you have been given all of the documentation and the guidelines for remediation, Sentry work with you to coordinate timelines in order to conduct a follow-up test in order to check if everything has been remedied and fixed properly. We ensure that your technologies are protected.
+383 (0) 49 686 668
[email protected]