Let's Talk

or call 801-532-7444 today

Tanner LLC 
36 S. State St., Suite 600
Salt Lake City, UT 84111

United States
Phone: (801) 532 7444
Maps & Directions 
Sitemap

 

2019 Tanner LLC
All Rights Reserved.

  • Facebook Social Icon
  • LinkedIn Social Icon
  • Instagram
  • Twitter Social Icon

Let's Talk

NETWORK PENETRATION TESTING

Network Penetration Testing

 

Network Penetration Testing (or pen testing) is a full hacking test against a computer network.  Penetration testers will use all the same techniques as a malicious hacker to help identify weaknesses in the network.  The report includes a detailed description of each finding along with recommendations to help improve the overall security of the network.

More than just automated scans

At Tanner, we recognize that solely relying on automated scanning tools often leads to missed serious security flaws. We use a combination of industry-standard scanning tools and manual hacking techniques to test network systems. Our personalized services include methods of manually investigating and testing your network to provide more complete coverage and help uncover hidden vulnerabilities or security concerns that would otherwise go unnoticed.

 

Tanner’s Process

 

Tanner follows a comprehensive process for every penetration test.  Our hybrid testing process combines automated tools with manual testing to find hidden or previously unknown vulnerabilities. We understand that hackers constantly find new and creative ways to hack into a network, so we take the same approach during penetration testing.  This is a key component of effective network penetration testing, because it simulates the mindset of a real hacker and provides more realistic test results.

Below are some of the methods we use as part of the manual testing process:

  • Password Cracking (Brute Force/Dictionary)

  • HTTP Parameter Tampering

  • SQL Injection

  • Protocol Poisoning

  • Buffer Overflow

  • Session Hijacking

  • Network Service Probing

  • Packet Sniffing

Qualifications and Experience

Tanner’s penetration tests are performed by qualified, experienced security analysts, all of whom have earned industry-standard certifications. All engagements are lead by an analyst with at least one of the following certifications:

  • Certified Ethical Hacker (CEH)

  • Certified Information Systems Security Professional (CISSP)

  • Bachelor's Degree in IT Security

Security on multiple fronts

Our network penetration testing services offer comprehensive coverage for both your external and internal networks.

 

External Network Penetration Testing

We test your systems from an external location.  This simulates the actions of an attacker trying to break in from from outside the network.  External networks are attacked daily and need to be as secure as possible.

Internal Network Penetration Testing

We test your systems from inside your network.  This shows what an attacker might be able to access if a device on the network is compromised with malware, or if the attacker places a rogue device on the network.

FAQs

Will a penetration test slow down my network or affect my business operations?

 

Our team takes multiple precautions to ensure that your business operations and network remains fully functional during the penetration test. Our point of contact will maintain open and constant communication to arrange for times when using automated tools and more intrusive tests can be performed.

How often should a penetration test be performed?

 

While every organization’s needs are different, we generally recommend annual penetration testing to meet the requirements of various compliance standards. These annual tests will reveal any emerging vulnerabilities or hidden threats that could only be identified with thorough, regular, in-depth testing.

Penetration tests should also be performed whenever your network experiences:

  • Significant software or hardware modifications

  • Re-architecting of the network infrastructure

  • Modification of IS policies, procedures, or processes

 

Penetration Test Deliverable

 

After each test is performed, we deliver an actionable report containing the following information:

  • Executive Summary

  • Testing Methodology

  • Instructions on Recreating Test Results

  • Detailed Explanation Findings and Associated Risks

  • Recommendations for how to address each finding

The report highlights the gaps identified in tests, along with Tanner’s prioritized recommendations for remediating the identified risks. The end result is an improvement in the overall security of the application. Our findings take into consideration the size of the company and the sensitivity of its data when determining the importance and urgency of each recommendation.

Engage the security experts

Learn how Tanner’s security services can help you accomplish your specific business goals.

Tanner LLC