|
eCommerce Security World
|
|
Penetration Testing |
|
|
Try IT!
|
|
Our Penetration Test Team has been in existence for around ten years and consists for the most part of experienced engineers and technicians drawn from the technical faculties of highly respected Universities and Colleges. They participate in a continuous training programme as is required by the ISO 9001 standard.
Some of the engineers are qualified team-leaders under the CESG/DERA CHECK Service training scheme, which specifically trains "ethical hackers" for work within the UK government. A number of other Portcullis engineers are also in training under this scheme.
The Penetration Testing ServicesThe Penetration Test team uses various attack techniques to gauge the level of existing security. If necessary, the Portcullis Assessment Team will augment the findings of the team by complementary research and a site survey.Drawing upon the results of the assessment, a Risk Management Programme will identify those vulnerabilities that are exploitable within the current working practices. The programme will report the impact of the identified risks, and make recommendations in terms of re-medial action, based on the needs of business. Penetration testing is based on the management and control methodology recommended by CESG for testing connections to the UK Government Secure IntraNet (GSI) and other government systems. This is the foundation of an industry partnership between CESG and a small number of security specialists, known as the CHECK SERVICE. Portcullis is one such specialist company, providing a comprehensive penetration test service that assesses the vulnerabilities of the system, the efficiency of management strategies, and the vigilance of the end-user. Research into the known vulnerabilities of the current system architecture, is provided in support of the Penetration Test Team by laboratory technicians from the Portcullis Technical Support Team. These specialists submit IT and communications security products to rigorous testing and evaluation, in order to select security devices for the Portcullis Product Portfolio. A by-product of this process is a unique and almost universal knowledge of the IT security market, the products and their flaws. In addition the Portcullis Support Services provide research into the attack techniques used by the intruder and details of those methods that might be deployed against the customer’s system. Thus the Portcullis Penetration Test Team is supported: by the Assessment Team in terms of risk assessment; the laboratory technicians in terms of hardware and software knowledge; and by the Support Team in terms of attack strategies. A fully comprehensive and highly acclaimed service.
|
|
|
|
|
|
