|
Security Scan
Positioning: Partially automated, unpriviledged security testing
from the perspective of an attacker with the skill level of a script
kiddie.
The security scan assesses the general security level throughout
the test scope. The testers are systematically looking for all vulnerabilities during the testing time (though with much less testing depth than a penetration
test). All vulnerabilities found will be documented in the final report.
Unlike with a penetration test, the majority
of the testing is carried out partial-automatically. With a security
scan, the security vulnerabilities found are then verified
(unlike with a vulnerability scan), which means that false
positives can be minimized. The detailed feature table shows the characteristics of the various technical test types offered by OneConsult.
Procedure
The results are presented in the form of a manually
compiled short final report of around 8-12 A4 pages. This short report covers only the vulnerabilities with the highest threat potential. All the tool-generated
reports and raw data, the dump files (recorded network traffic),
and the action log (record of all actions performed by tester) are
supplied on a data storage medium.
OneConsult GmbH is ISECOM
Licensed Auditor (ILA), Platinum Level and ISECOM Partner (Accredited Trainer) and our security consultants
are ISECOM certified in various areas of expertize (OPST = OSSTMM
Professional Security Tester, OPSA = OSSTMM Professional Security
Analyst, OSSTMM-Trainer), guaranteeing that the tests will be thorough
and professional and that documentation of the results will be informative
and comprehensive.
We offer security scans for individual applications
or systems (as a complement to the application
security audit) as well as wired (e.g. Internet, DMZ and
LAN/WAN) and wireless networks (e.g. WLAN, Bluetooth, GSM/UMTS or infrared).
Penetration Test
If the project budget allows, we recommend a
penetration test
for deeper and more informative security testing (including the calculation of the security level) and reports.
Modular expansions
The basic module security scan can be extended with several optional supplementary modules.
If you're interested in OneConsult and
you'd like a no-obligation consultation or more information, please contact us.
Further Information
| 
