Technologies, business processes and security threats evolve. So does the vulnerability of your business networks. That’s why Neustar Professional Services offers a series of detailed assessments of your Internet infrastructure, both internal and public-facing. In each assessment, we conduct a full system analysis, including interviews with your staff, then rank your vulnerabilities, cite best practices and make recommendations so you can mitigate effectively.
Network Assessment: The Foundation
Let Neustar examine and report on your network and systems infrastructure, external and internal applications, change management processes and security policies/procedures. Your lead engineer will walk you through our analysis and prioritized recommendations.
We’ll find security vulnerabilities, misconfigurations or gaps in best practices in:
- Misconfigurations/vulnerabilities of routing protocols, spanning tree protocol, and single points of failure in network topology resulting in denial of service, poor performance, etc.
- Misconfiguration/vulnerabilities of authentication protocols resulting in abuse or unauthorized use of wireless networks, network outages and poor performance; includes incorrect AP/client radio frequencies and insufficient failover for clients when you lose an AP
Firewalls, IDS/IPS Infrastructure
- Insufficient ingress or egress filtering that may result in data leaks, intellectual property theft or unauthorized access to services
- Open recursive servers resulting in theft of services, enabling spammers, or denial of service
- Unpatched resolvers that could result in system compromise or denial of service, cache poisoning that directs users/employees to rogue web sites and credential theft
Electronic Mail Infrastructure
- Single points of failure in mail delivery
- Unpatched/misconfigured mail systems resulting in spam abuse
- Misconfiguration that allows open mail relaying, resulting in spammer abuse
Web Proxy or Filtering Systems
- Misconfiguration of web proxy or filtering systems resulting in abuse of network resources or violation of usage policies
- Downloading inappropriate/illegal content
- Consuming inordinate bandwidth
Other Applications or Infrastructure Specific to Your Environment
Vulnerability Assessment: A Deeper Look
Learn in greater detail how secure your network is. We’ll look for vulnerabilities related to third-party service providers, including ISPs, hosting providers, DNS providers and more; Internet gateways (any point through which your traffic flows to and from your infrastructure); global IP addressing and routing policy; and IP addresses running applications accessed by employees or customers. Our experts will identify attack vectors and verify that your security policies meet best practices.
More specifically, we’ll examine:
Web Vulnerabilities Resulting in:
- Cross site scripting
- Remote code execution and denial of service
- Credential theft (customers or employees)
- Cookie injection scripting
- Expired SSL certificates
- Remote Desktop Protocol
- Other tunneling mechanisms
- Other vulnerabilities that could result in unauthorized network access or credential theft
Insufficient Encryption in Authentication Protocols
- SSH, HTTP, electronic mail
- Other vulnerabilities that could result in system compromise or credential theft
Generic Application Information Disclosure
- Internal IP addressing
- Credential leaks
- Internal network topology discovery
Penetration Testing: Ultimate Peace of Mind
After undergoing a vulnerability assessment (required), see what happens when skilled professionals try to penetrate your security. Using the same sophisticated tools and tactics as cyber criminals, we’ll attempt to exploit your applications and network infrastructure. Our team will explain how they succeeded in slipping past your defenses and outline ways you can prevent it from happening again. In fact, as we crack your network security we may find or confirm additional risks, threats apparent only after such deeper probing.
You’ll gain the ultimate confidence in assessing risks: which ones should be considered real and require mitigation. This is the very best way to be prepared for real-time risks and attacks.