The single most reliable means by which to achieve a security-compliance designation for existing security frameworks (PCI-DSS, ISO 27001, SOX, HIPPA, COBIT) is through performing a full-scale penetration test of your installation. And as any company that engages in commerce and processes transactions across the internet doubtlessly knows, this is a complex, arduous, and very expensive proposition. Clone Systems, in response to these issues, has introduced an on-demand service that will provide compliance-level verification of your network in the most streamlined and cost-effective avenue available.

This is how it works: Clone Systems provides you unlimited usage of our PenTest web portal for seven days. During that time, you may run as many scans against your network as you wish. If you wish to continue the service for a second week, we will accommodate you with a significant discount.

Our company’s stature in network security is unquestioned. Clone Systems’ penetration testing resources, from encompassing on-site enterprise system audits to web application testing to remote solutions using our security console, meets or exceeds any other in the industry. Our work is guaranteed accurate and our pricing is notably competitive.

What CG-PenTest On-Demand Provides

Like any of our suite of penetration tests, our on-demand service is diligently granular. No point in your network that was heretofore vulnerable to hacking or intrusions will be after the test. Our battery of security management benchmarks are rigorous and uncompromising. Broadly speaking, our testing can be dissected into the following analysis and performance evaluation categories:

Reconnaissance encompasses passive and active reconnaissance tactics to identify and evaluate your network topology, active hosts, IP addresses, installed operating systems, open network ports, and all installed security devices.

Analysis entails performing application mapping, network scanning/fuzzing, and vulnerability analysis. It effectively identifies all applications running behind open network ports and their degree of potential vulnerability The Analysis stage typically involves running SQL Injection, Code Injection, Code Execution, Directory Traversal, and Cross Site Scripting against the web applications to expose any security anomalies.

Penetration employs the data derived from the Analysis stage to exploit the determined weak points of your network to attempt to gain access. Typically, the Penetration phase focuses primarily on vulnerabilities revealed for network services and externally facing web applications.

Information. This phase generates alerts once a vulnerability has been successfully exploited. A system restore is immediately performed to return the network to its previous state prior to the intrusion. A detailed report is generated on all areas of your enterprise for assessing how and why the intrusion was successful.

Finally, the Documentation phase reflects all testing results, all intrusions, the areas of the system that were compromised during an intrusion, intrusion-resistance recommendations, and qualitative analysis reports of each security mechanism employed on your network.

More specifically, our on-demand PenTest covers all the following functional and technical considerations”

• Internal and External Network Scanning
• Port Scanning
• System Fingerprinting
• Services Probing
• Exploit Research
• Manual Vulnerability Testing and Verification
• Manual Configuration Weakness Testing and Verification
• Application Layer Testing
• Firewall and ACL Testing
• Administrator Privileges Strength Testing
• Password Aging and Strength Testing
• Network Equipment Security Controls Testing
• Database Security Controls Testing
• Network Scan for Know Trojan/Hacker Ports
• Hardened Server/Device Configuration Testing
• Password Strength Testing
• Remediation Retest

Our PenTest, besides its unwavering accuracy, requires no investment in proprietary tools, hardware or network security engineers. We provide everything you need by way of our web-based Penetration Testing console. Through our solution you will achieve and maintain security compliance with the lowest possible overhead.

For more information and a demonstration of how our console works, contact one of our customer representatives.