Information Security ServicesEmail EncryptionSecurity AssessmentsManaged Security ServicesPenetration TestingVulnerability AssessmentBusiness Continuity Plans

What network needs a
penetration test?

Is your IT team confident that the corporate network is securely protected?
Do your security systems protect the corporate network as well as expected?
Could hacker attacks result in financial loss, damage to reputation, or legal risk?
What are your vulnerabilities? How do you protect yourself?

Penetration Testing

A penetration test subjects a system to the real-world attacks selected and conducted by the testing personnel. The benefit of a penetration test is to identify the extent to which a system can be compromised before the attack is identified and assess the response mechanism’s effectiveness. Penetration tests generally are not a comprehensive test of the system’s security and should be combined with other independent diagnostic tests to validate the effectiveness of the security process.

Redhawk will perform a blind penetration test. Specific attacks will be performed based on the type of server and services found from the initial blind analysis, and then Redhawk will gather information for further testing.  All findings will be documented in the penetration test report.

  • Network Surveying – Results include domain names analysis, a theoretical network topology and information regarding ISPs, system and service owners.

  • Port Scanning - Port scanning is used to identify which tcp and UDP ports on externally visible hosts are accepting connections from the Internet.

  • System Identification – Identification of target operating systems by analyzing tcp and udp packets to and from the testing host.

  • Services Identification - Utilizing the information obtained, attempt to identify network applications or what traffic is allowed to connect.

  • Vulnerability Exploitation – Analysis of vulnerabilities through attempts to exploit them. A vulnerability indicates areas that may be exploited and identifies threats that can compromise an asset. Redhawk would attempt to execute the attack after a review of the scan with client team. Any exploits would require client permission through the Redhawk change control system.

  • Password Cracking – If passwords are found from intelligence gathering, tools will be used to crack passwords and may be used further to exploit access to internal assets.

  • Denial of Service Analysis – Denial of service threats will be documented without intrusive testing.





Security Solutions
Information Security Services
Email Encryption
Security Assessments
Managed Security Services
Penetration Testing
Vulnerability Assessment
Business Continuity Plans
     Products
Partners
E-mail Security from McAfee
Encrypted Email by Voltage
EMC Showcase
     Compliance Portal
Compliance Portal Overview
Online Assessments
     Contact Us
About Us
Contact Us
Redhawk Team Certifications
Request a Consultation
Search Redhawk
Privacy Policy
CVE Lookup
Testimonials
Sitemap