Real World Intrusion Testing
Insomnia believes that each project requires a security review as part of the Security Development Lifecycle, but as well as securing each component you need to have an understanding of your current external security posture. This is what Real World Intrusion Testing provides.
A determined attacker will not try to gain access to your network through the front door, especially if the window is open. Security reviews are often done which are confined to the single IP address of the application server. This is of little help if the development, or test environment is sitting on an externally accessible IP address.
Real World Intrusion Testing involves reviewing the entire external perimeter with none or little information provided. Insomnia will test the externally accessible applications and network devices in the same manner as would any real world attacker, not confined by IP address, time windows, or attack vector boundaries.
Review Includes
- Custom penetration testing over an extended period of time
- Physical location review and attack
- Network discovery and vulnerability assessment
- Social engineering and human factor attacks
- War dialling, PABX, VOIP and voice mail system attacks
Full service descriptions, methodologies and sample reports are available upon request
