Network Outsourcing for Small and Mid-size Companies

Stealth penetration testing (PEN testing) is a crucial means of enabling organizations to find out how exposed their IT systems are to cyber threats by showing how successfully their corporate security processes hold up against authorized but unannounced exploits by seasoned security experts using the latest hacking tools and techniques. Progent offers on-demand penetration testing or continual penetration testing delivered as a remote management service.

Progent's cyber security experts can safely provide thorough penetration testing without the knowledge of internal IT personnel. Such testing uncovers whether existing security monitoring mechanisms and procedures like intrusion detection alerts and event log monitoring are properly configured and actively managed.

Stealth PEN testing can include any of the following areas:

• Use a series of port scanning utilities to spot open network access vectors and to identify and profile a client's network infrastructure and general security posture.
• Deploy a combination of exploit identification utilities that test all open connection vectors against a large database of known security gaps resulting from servers that are not up to date on security patches, out of date firmware/software, poorly configured servers and devices, and default or common installation passwords.
• Assess WiFi network security by trying to gain on-site access from publicly available places including parking lots, hallways, bathrooms, and physically adjacent floors. Understanding of security techniques utilized by WiFi infrastructure and executing familiar exploit tools to gain access.
• Attempt to understand remote access capabilities of the network and use exploit and brute force techniques to gain access through remote access gaps.
• Perform remote office security evaluation and testing, and determine whether remote sites can be used as a vector into the corporate network through VPNs or other private network infrastructure.
• Perform brute force account and password attacks based on a trove of more than 40 million possible passwords.
• For resources successfully penetrated, Progent cybersecurity professionals will manually use assorted hacker techniques to broaden such exploit vectors to gain a picture of the full network ecosystem and see how many internal systems can be accessed and compromised. This type of security testing can expose the real extent of the exposure of a network environment.
• Determine internal and external network addressing configuration via email beaconing methods.
• Perform various Denial of Service attacks, coordinated with senior network management to seeif it is possible to stop or hinder network operation. After proof of impact is recognized, such testing can be immediately ceased to avoid seriously impacting business productivity.
• Perform PBX remote access and voice mail security assessment.
• Provide continuous automatic PEN testing to define your internal/external attack surface and to detect ways that exploitable vulnerabilities, misconfigurations, stolen credentials, uninstalled patches, and unsound product defaults can be chained together by threat actors into the multi-vector attacks common to modern versions of ransomware.

Progent will provide a complete report of methods utilized and vulnerabilities uncovered during stealth PEN testing, along with a comprehensive list of recommended fixes. Progent can then cooperate with internal IT team members to perform an audit and evaluation of your in-place security protection, configuration, tools, and processes and help your company to develop and deploy a solid security solution.

ProSight Low-Cost Managed Services for Information Assurance
Progent's low-cost ProSight series of network management outsourcing services is intended to provide small and mid-size businesses with enterprise-class support and state-of-the-art technology for all facets of information assurance. Managed services offered by Progent include:

• ProSight Active Security Monitoring: Next Generation Endpoint Protection and Ransomware Recovery
  ProSight Active Security Monitoring is an endpoint protection (EPP) solution that utilizes SentinelOne's cutting edge behavior-based machine learning tools to guard endpoints as well as servers and VMs against new malware attacks such as ransomware and email phishing, which routinely get by traditional signature-based AV tools. ProSight ASM safeguards local and cloud resources and offers a single platform to address the complete threat progression including blocking, infiltration detection, mitigation, remediation, and forensics. Top capabilities include one-click rollback with Windows Volume Shadow Copy Service and real-time system-wide immunization against newly discovered threats. Progent is a SentinelOne Partner, reseller, and integrator. Find out more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware defense with SentinelOne technology.

• ProSight Enhanced Security Protection: Unified Endpoint Security
  Progent's ProSight Enhanced Security Protection services deliver affordable multi-layer protection for physical servers and virtual machines, workstations, mobile devices, and Exchange Server. ProSight ESP uses adaptive security and advanced machine learning for continuously monitoring and responding to security threats from all attack vectors. ProSight ESP offers firewall protection, penetration alarms, endpoint management, and web filtering via cutting-edge technologies packaged within one agent managed from a single console. Progent's security and virtualization experts can help your business to plan and configure a ProSight ESP environment that addresses your organization's specific needs and that helps you prove compliance with legal and industry data security standards. Progent will help you define and configure security policies that ProSight ESP will enforce, and Progent will monitor your network and react to alerts that require urgent action. Progent's consultants can also help you to install and verify a backup and disaster recovery system like ProSight Data Protection Services (DPS) so you can recover quickly from a destructive security attack such as ransomware. Read more about Progent's ProSight Enhanced Security Protection (ESP) unified endpoint protection and Exchange email filtering.

• ProSight Data Protection Services: Managed Backup and Recovery
  Progent has worked with advanced backup technology companies to produce ProSight Data Protection Services, a selection of subscription-based management offerings that deliver backup-as-a-service (BaaS). All ProSight DPS products manage and monitor your data backup processes and enable non-disruptive backup and rapid restoration of vital files, applications, images, and VMs. ProSight DPS helps your business recover from data loss caused by hardware failures, natural calamities, fire, cyber attacks such as ransomware, user error, ill-intentioned insiders, or application bugs. Managed services available in the ProSight Data Protection family include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro Office 365 Backup), ProSight DPS ECHO Backup using Barracuda dedicated storage, and ProSight DPS MSP360 Hybrid Backup. Your Progent expert can assist you to determine which of these managed services are most appropriate for your network.

• ProSight Email Guard: Inbound and Outbound Spam Filtering, Data Leakage Protection and Content Filtering
  ProSight Email Guard is Progent's email filtering and encryption platform that incorporates the technology of leading data security companies to provide centralized control and comprehensive protection for your email traffic. The powerful structure of Email Guard combines a Cloud Protection Layer with an on-premises security gateway appliance to offer complete protection against spam, viruses, Dos Attacks, DHAs, and other email-based threats. Email Guard's cloud filter serves as a first line of defense and blocks the vast majority of threats from reaching your network firewall. This reduces your vulnerability to inbound threats and saves system bandwidth and storage. Email Guard's on-premises security gateway device adds a further layer of analysis for inbound email. For outbound email, the onsite security gateway offers AV and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The local security gateway can also assist Exchange Server to track and safeguard internal email that originates and ends within your corporate firewall. Find out more about Progent's ProSight Email Guard spam filtering, virus defense, email content filtering and data loss prevention.

• ProSight WAN Watch: Network Infrastructure Management
  ProSight WAN Watch is a network infrastructure management service that makes it easy and affordable for smaller businesses to diagram, monitor, reconfigure and debug their networking appliances such as switches, firewalls, and wireless controllers plus servers, endpoints and other devices. Incorporating state-of-the-art Remote Monitoring and Management technology, ProSight WAN Watch ensures that network diagrams are always updated, copies and manages the configuration information of virtually all devices connected to your network, monitors performance, and sends notices when potential issues are detected. By automating complex network management activities, ProSight WAN Watch can cut hours off ordinary chores like making network diagrams, reconfiguring your network, finding devices that need important updates, or resolving performance bottlenecks. Find out more details about ProSight WAN Watch network infrastructure monitoring and management services.

• ProSight LAN Watch: Server and Desktop Remote Monitoring
  ProSight LAN Watch is Progent's server and desktop remote monitoring service that uses state-of-the-art remote monitoring and management (RMM) techniques to help keep your IT system running efficiently by tracking the state of vital assets that drive your information system. When ProSight LAN Watch uncovers a problem, an alarm is sent immediately to your designated IT personnel and your assigned Progent engineering consultant so all looming issues can be addressed before they have a chance to impact your network Find out more about ProSight LAN Watch server and desktop remote monitoring services.

• ProSight Virtual Hosting: Hosted Virtual Machines at Progent's Tier III Data Center
  With ProSight Virtual Hosting service, a small or mid-size organization can have its key servers and apps hosted in a protected Tier III data center on a fast virtual machine host set up and maintained by Progent's network support experts. With Progent's ProSight Virtual Hosting model, the customer owns the data, the operating system platforms, and the apps. Because the environment is virtualized, it can be moved easily to an alternate hosting environment without requiring a lengthy and technically risky configuration procedure. With ProSight Virtual Hosting, you are not locked into a single hosting service. Learn more about ProSight Virtual Hosting services.

• ProSight IT Asset Management: Network Documentation Management
  ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to create, update, find and safeguard data related to your IT infrastructure, procedures, business apps, and services. You can quickly find passwords or serial numbers and be warned about impending expirations of SSLs or domains. By cleaning up and organizing your IT documentation, you can eliminate up to half of time spent searching for critical information about your IT network. ProSight IT Asset Management features a common location for holding and sharing all documents related to managing your business network such as recommended procedures and How-To's. ProSight IT Asset Management also supports advanced automation for collecting and relating IT data. Whether you're planning enhancements, performing regular maintenance, or reacting to an emergency, ProSight IT Asset Management gets you the knowledge you need the instant you need it. Learn more about Progent's ProSight IT Asset Management service.

• Progent's Patch Management: Software/Firmware Update Management Services
  Progent's managed services for software and firmware patch management offer businesses of any size a versatile and affordable solution for evaluating, validating, scheduling, implementing, and documenting updates to your dynamic information system. In addition to optimizing the security and functionality of your IT environment, Progent's software/firmware update management services permit your IT team to focus on more strategic initiatives and tasks that derive maximum business value from your network. Read more about Progent's software/firmware update management services.

• ProSight Duo Two-Factor Authentication: Access Security, Endpoint Remediation, and Secure Single Sign-on (SSO)
  Progent's Duo authentication managed services incorporate Cisco's Duo cloud technology to defend against stolen passwords by using two-factor authentication (2FA). Duo enables single-tap identity confirmation on Apple iOS, Android, and other out-of-band devices. Using Duo 2FA, when you sign into a protected application and give your password you are requested to verify who you are via a device that only you have and that is accessed using a different network channel. A wide selection of out-of-band devices can be used for this added form of ID validation including an iPhone or Android or wearable, a hardware/software token, a landline telephone, etc. You can register multiple verification devices. For more information about ProSight Duo two-factor identity authentication services, refer to Cisco Duo MFA two-factor authentication services.

Progent's ProSight Ransomware Preparedness Report Service
Progent's ProSight Ransomware Preparedness Report is an affordable service based on a brief phone interview with a Progent backup/recovery consultant. The interview is designed to help evaluate your organization's preparedness either to block or recover rapidly after an assault by a ransomware variant like Ryuk, WannaCry, NotPetya, or Hermes. Progent will work with you directly to collect information about your existing security profile and backup/recovery platform, and Progent will then deliver a custom Basic Security and Best Practices Report detailing how you can follow industry best practices to deploy an efficient AV and backup environment that aligns with your company's needs. For more information, refer to Progent's ProSight Ransomware Preparedness Report Service.

Contact Progent for Penetration Testing Consulting
To learn more about Progent's network security engineering help, phone Progent at 800-993-9400 or go to Contact Progent.

Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is designed to guide you to carry out the urgent first phase in responding to a ransomware attack by containing the malware. Progent's remote ransomware expert can help you to identify and quarantine breached devices and protect undamaged resources from being compromised. If your system has been penetrated by any version of ransomware, don't panic. Get help quickly by calling Progent's Ransomware Hot Line at 800-462-8800. For more information, visit Progent's Ransomware 24x7 Hot Line.