Pen Test
Penetration testing goes beyond vulnerability scanning to use multistep and multivector attack scenarios that first find vulnerabilities and then attempt to exploit them to move deeper into the enterprise infrastructure. Since this is how advanced targeted attacks work, penetration testing provides visibility into aggregations of misconfigurations or vulnerabilities that could lead to an attack that could cause serious business impact. As a minimum, penetration testing provides a means for prioritizing the highest risk vulnerabilities.
Vulnerability Management
- Eagle Tech plans, develops and executes vulnerability scans of organization information systems
- Identifies and resolves false positive findings in assessment results
- Performs reconnaissance and information collection on the target environment or attack surface
- Identifies potential weaknesses and vulnerabilities on assets (i.e., end points, applications, users)
- Validates weaknesses via exploitation, and reports their findings
Governance and Data Validation
- Maintains and enhances the documentation standard for discoveries and reporting of malicious tactics, techniques and procedures
- Updates security policies and procedures
- Recommends security controls and/or corrective actions for mitigating technical and business risk
- Creates hypotheses for analytics and testing of threat data
- Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization
Communication
- Generates reports on assessment findings and summarizes to facilitate remediation tasks
- Works with developers to advise on security needs and requirements
- Shares lessons learned, initial indicators of detection and opportunities for strengthening signature based detection capabilities
- Collects information from a wide variety of sources, and aggregates the information relevant to the company’s security environment