Penetration TestingKeeping The Bad Guys Out
Penetration Testing determines how well your organization's security policies protect your assets by trying to gain access to your network and information assets in the same way a hacker would. Tests can range from an overview of the security environment to attempted "hacking" with the intent of obtaining investigative information.For Networks
Harvard Partners' penetration testing services mimic an attacker intent on accessing your organization's customer data, financial records and other sensitive information. We target a point of entry via your network or application infrastructure's "weakest link", which may be visible to employees and partners in addition to external hackers. We then determine the business impact of gaining access to your network and its resources. For each engagement, we work with you to define the attack profiles most appropriate for your organization and test for:
- How difficult it is to obtain data from inside, or outside your network
- Which information is at risk
- What measures should be implemented to protect your assets
Application penetration testing uses a three-step process to exploit your application either via authorized access or by compromising access control mechanisms:
- Identify security weaknesses resulting from implementation errors or from the application's relationship to rest of your IT infrastructure.
- Perform tests on the application's built-in security measures.
- Log in as a low-level user and obtain unauthorized access rights and privileges.
At a minimum, we test for the following issues: cross-site scripting, SQL injection, XML injection, path traversal and response splitting.
Why Harvard Partners?
Harvard Partners understands the need to balance investment in security with other IT initiatives. We deliver successful security strategies and phased, seamless, and scalable implementations. We create teams of your staff, vendors, and third-party consultants delivering industry best practices designed to work in your environment.
Our methods create a supportive and collaborative environment where direct dialog, simplified reporting, productive meetings, and clear responsibility and accountability encourage active participation resulting in consensus-based processes and decisions.