We conduct a test and review of your IS security using CORE IMPACT, an automated, comprehensive penetration-testing product. The steps in this penetration test are as follows:
- Information gathering -- Information is gathered regarding network access points to target hosts, and information about these hosts is identified.
- Attack and penetration -- Methods are used to find exploits in the targets in order to gain access into the system.
- Local information gathering -- Once system access is gained, a nondestructive agent is placed in the system to discover the same sort of information an unauthorized hacker would want to find.
- Privilege escalation -- An exploit can also be used to find information about other local hosts that may not necessarily be directly related to the target host.
- Clean up -- All installed agents are removed, and the host is returned to its original state.
- Report generation -- A report will be issued detailing the hosts that were tested, exploits that were found, and recommendations for correcting weaknesses.
