Whether you’re looking for a straightforward and reliable vulnerability assessment to keep tabs on internal or external network vulnerabilities; a full wheels-up manual penetration test to give your network a thorough workout; or to validate the build of a newly launched system, Intertek NTA can tailor its testing to suit.
Quality, depth and accuracy of penetration tests can vary greatly between the different organisations providing these services – despite them holding the same accreditations. At Intertek NTA, we want our services, our reports and our people to be held in high regard by our clients, so we will not simply rely on automated, high level scanning from a commercial or freeware tool. Whilst our testing does incorporate the use of such tools, it is enhanced through the use of our own test engines and the experience, knowledge and ability of our people, providing a more manual and rounded penetration test.
Our range of tests, below, can be performed remotely or onsite, from a credentialed or non-credentialed perspective, once-off or regularly, and in combination with any of our services, to provide a depth and breadth of testing appropriate to the target system, data and perceived risk.
Intertek NTA’s application tests frequently identify issues from the OWASP Top Ten list of most critical vulnerabilities, with advice then being provided on how to apply the most appropriate fix.
Regular network level testing reduces the likelihood of attackers being able to deface a web site, take control of a server, access the internal network, interrupt internet connectivity, or gain unauthorised access to corporate or other user’s sensitive data.
Remote & mobile access testing provides an examination of remote access systems, mail gateways and Mobile Device Management (MDM) solutions, testing for vulnerabilities within the configuration of the portals and authentication mechanisms.
This test will establish the resilience of mobile devices, such as laptops, tablets and smartphones which connect to the client network, to withstand attack should they fall into the hands of unauthorized users, and the potential for valid users to abuse their privileges and access rights.
The objective is to identify, test and audit any access points and management devices located within a physical site to establish if it is possible to gain unauthorized access to the network via these devices.
A VoIP security test provides an assessment of the configuration and security of the system, and determines if the corporate voice and data networks have been appropriately segmented.
A poorly configured desktop or laptop could allow an employee to deliberately or unwittingly bypass security settings or ignore security updates, leading to an otherwise avoidable security incident. A review from Intertek NTA will ensure that you have covered all the security bases.
Regardless of the time and money spent on protecting your data with the latest security technology, it is the people and processes within an organisation that can often be the weakest link. Our external and onsite social engineering exercises will allow you to establish where the vulnerabilities lie and will highlight how improving your peoples’ reaction to such attempts will protect your information.
A website build review provides a detailed assessment of the installation and configuration of a company’s systems. By choosing this type of focused assessment, you would ensure that systems have been built, configured and deployed against relevant industry or compliance standards.