Stealth penetration testing (PEN testing) is a key method for allowing companies to determine how vulnerable their IT systems are to real world attacks by showing how well their existing security processes withstand intentional but unannounced exploits by seasoned cyber security specialists utilizing advanced hacking techniques. Progent offers one-time PEN testing or continual PEN testing performed as a remote management service.
Progent's cyber security consultants can safely provide in-depth penetration testing without warning internal IT personnel. Such testing uncovers whether existing security management mechanisms and procedures like intrusion detection alarms and event log monitoring are correctly set up and actively managed.
Penetration testing can include any of the following areas:
Progent consultants can utilize social engineering methods and public information to attempt customized password PEN testing using information like the names of an employee's family members, birth date, home address, and phone number. Progent team members can commonly uncover this information through Internet search and public records. Progent can uncover employee names/email addresses through publicly accessible data on the Internet, from PBX voice mail listings, public records filings, marketing materials and press releases, web sites, and receptionists.
- Run a series of port scanning utilities to spot open network connection vectors and to discover and characterize a customer's network environment and overall security level.
- Run a combination of exploit recognition utilities that test all open access vectors against an extensive database of known security gaps caused by servers that are not current on patches, out of date firmware/software, misconfigured servers and devices, and out-of-the-box or obvious passwords.
- Evaluate wireless network security by attempting local access from publicly accessible places such as parking areas, hallways, restrooms, and physically attached areas. Understanding of security methods utilized by WiFi infrastructure and running known exploit tools to gain access.
- Attempt to determine remote connectivity capabilities of the network and perform exploit and brute force attack methods to gain access through remote access gaps.
- Perform remote office security evaluation and testing, and determine whether remote sites can be used as a vector into the corporate network through VPNs or other private network infrastructure.
- Perform brute force identity and password attacks based on a trove of over 40 million possible passwords.
- For resources successfully penetrated, Progent cybersecurity professionals will manually use various hacker techniques to extend identified vectors to develop an understanding of the full network ecosystem and determine how many internal systems can be penetrated and compromised. This type of PEN testing can expose the real scope of the exposure of a network environment.
- Determine internal and external network addressing set up via email beaconing techniques.
- Launch various DoS attacks, in concert with top network management to seeif it is possible to halt or obstruct network productivity. Once proof of impact is recognized, such testing can be immediately ceased to avoid seriously affecting business productivity.
- Perform PBX phone system remote access and voice mail security testing.
- Implement continuous automatic penetration testing to define your internal/external attack surface and to detect ways that exploitable vulnerabilities, unsafe configurations, harvested credentials, uninstalled patches, and dangerous IT product defaults can be combined by threat actors into the multi-front attacks common to modern versions of ransomware.
Progent will generate a complete report of methods used and vulnerabilities uncovered during stealth penetration testing, along with a detailed list of recommended fixes. Progent can then work with internal IT staff to perform an audit and assessment of your actual security protection, set up, utilities, and processes and assist your company to design and deploy a solid cyber security plan.
ProSight Flat-rate Managed Services for Information Assurance
Progent's low-cost ProSight line of outsourced network management services is intended to provide small and mid-size businesses with enterprise-class support and state-of-the-art technology for all facets of information assurance and compliance. Managed services available from Progent include:
ProSight Network Audits
- ProSight Active Security Monitoring: Next Generation Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring is an endpoint protection (EPP) solution that incorporates SentinelOne's cutting edge behavior analysis tools to defend endpoints as well as servers and VMs against modern malware assaults such as ransomware and file-less exploits, which routinely evade traditional signature-matching AV products. ProSight ASM safeguards on-premises and cloud resources and offers a unified platform to address the entire threat progression including protection, detection, containment, remediation, and forensics. Top capabilities include single-click rollback using Windows Volume Shadow Copy Service and real-time system-wide immunization against new attacks. Progent is a SentinelOne Partner, dealer, and integrator. Find out more about Progent's ProSight Active Security Monitoring endpoint protection and ransomware recovery with SentinelOne technology.
- ProSight Enhanced Security Protection: Unified Physical and Virtual Endpoint Security
ProSight Enhanced Security Protection (ESP) services deliver affordable multi-layer security for physical and virtual servers, desktops, mobile devices, and Exchange Server. ProSight ESP utilizes adaptive security and advanced machine learning for continuously monitoring and reacting to cyber threats from all vectors. ProSight ESP offers firewall protection, intrusion alarms, device management, and web filtering via leading-edge technologies incorporated within a single agent managed from a unified control. Progent's security and virtualization experts can assist you to design and configure a ProSight ESP environment that meets your organization's unique needs and that allows you demonstrate compliance with legal and industry data protection regulations. Progent will assist you specify and configure policies that ProSight ESP will manage, and Progent will monitor your network and respond to alerts that require immediate attention. Progent can also assist your company to set up and verify a backup and restore solution such as ProSight Data Protection Services (DPS) so you can recover quickly from a potentially disastrous security attack such as ransomware. Learn more about Progent's ProSight Enhanced Security Protection unified physical and virtual endpoint security and Microsoft Exchange email filtering.
- ProSight DPS: Managed Backup and Recovery
Progent has worked with advanced backup/restore product vendors to create ProSight Data Protection Services (DPS), a portfolio of management offerings that provide backup-as-a-service (BaaS). All ProSight DPS products automate and monitor your backup processes and allow non-disruptive backup and rapid restoration of critical files, apps, images, plus VMs. ProSight DPS lets you recover from data loss caused by equipment breakdown, natural calamities, fire, cyber attacks like ransomware, user mistakes, ill-intentioned insiders, or software glitches. Managed backup services available in the ProSight DPS portfolio include ProSight Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro Office 365 Backup), ProSight ECHO Backup based on Barracuda purpose-built storage, and ProSight DPS MSP360 Cloud and On-prem Backup. Your Progent consultant can assist you to identify which of these fully managed services are most appropriate for your IT environment.
- ProSight Email Guard: Spam Filtering, Data Leakage Protection and Email Encryption
ProSight Email Guard is Progent's email filtering and encryption solution that incorporates the technology of top data security vendors to provide web-based control and comprehensive protection for your inbound and outbound email. The hybrid structure of Email Guard managed service integrates cloud-based filtering with an on-premises security gateway device to provide advanced protection against spam, viruses, Dos Attacks, DHAs, and other email-borne threats. The cloud filter acts as a preliminary barricade and keeps the vast majority of threats from making it to your security perimeter. This decreases your exposure to external threats and saves network bandwidth and storage. Email Guard's onsite security gateway appliance adds a further level of inspection for inbound email. For outgoing email, the on-premises gateway offers anti-virus and anti-spam filtering, policy-based Data Loss Prevention, and email encryption. The onsite security gateway can also help Exchange Server to track and protect internal email traffic that stays within your security perimeter. Learn more about Progent's ProSight Email Guard spam filtering, virus blocking, email content filtering and data loss protection.
- ProSight WAN Watch: Network Infrastructure Management
Progent's ProSight WAN Watch is an infrastructure monitoring and management service that makes it easy and inexpensive for small and mid-sized organizations to map out, monitor, reconfigure and troubleshoot their connectivity appliances such as routers, firewalls, and access points plus servers, printers, client computers and other networked devices. Incorporating cutting-edge Remote Monitoring and Management (RMM) technology, ProSight WAN Watch makes sure that infrastructure topology maps are always current, copies and displays the configuration information of almost all devices on your network, monitors performance, and generates notices when issues are discovered. By automating complex management and troubleshooting activities, ProSight WAN Watch can knock hours off ordinary chores such as making network diagrams, expanding your network, finding devices that need critical updates, or resolving performance problems. Find out more about ProSight WAN Watch network infrastructure management consulting.
- ProSight LAN Watch: Server and Desktop Monitoring
ProSight LAN Watch is Progent's server and desktop monitoring service that incorporates advanced remote monitoring and management (RMM) technology to keep your network running efficiently by checking the health of vital assets that drive your information system. When ProSight LAN Watch detects a problem, an alert is sent immediately to your designated IT staff and your assigned Progent engineering consultant so that all looming issues can be addressed before they can disrupt your network Find out more about ProSight LAN Watch server and desktop remote monitoring consulting.
- ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
With Progent's ProSight Virtual Hosting service, a small or mid-size business can have its key servers and apps hosted in a secure Tier III data center on a high-performance virtual machine host set up and managed by Progent's network support experts. Under the ProSight Virtual Hosting model, the client retains ownership of the data, the operating system platforms, and the apps. Because the system is virtualized, it can be moved immediately to a different hosting environment without requiring a time-consuming and difficult reinstallation process. With ProSight Virtual Hosting, you are not tied one hosting service. Find out more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Infrastructure Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to create, update, retrieve and safeguard information about your IT infrastructure, processes, business apps, and services. You can quickly locate passwords or IP addresses and be warned about impending expirations of SSL certificates or domains. By cleaning up and organizing your IT documentation, you can eliminate up to half of time spent trying to find critical information about your network. ProSight IT Asset Management features a centralized repository for storing and sharing all documents related to managing your business network like standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also supports advanced automation for gathering and relating IT information. Whether you're making enhancements, doing maintenance, or responding to an emergency, ProSight IT Asset Management delivers the knowledge you need when you need it. Learn more details about ProSight IT Asset Management service.
- Patch Management: Patch Management Services
Progent's support services for patch management provide businesses of all sizes a flexible and cost-effective alternative for assessing, testing, scheduling, implementing, and tracking software and firmware updates to your dynamic IT network. Besides optimizing the protection and reliability of your IT environment, Progent's software/firmware update management services allow your IT team to concentrate on more strategic initiatives and tasks that derive maximum business value from your information network. Find out more about Progent's patch management services.
- ProSight Duo Multi-Factor Authentication: Access Security, Endpoint Policy Enforcement, and Protected Single Sign-on (SSO)
Progent's Duo MFA managed services incorporate Cisco's Duo cloud technology to protect against compromised passwords through the use of two-factor authentication. Duo enables single-tap identity confirmation with Apple iOS, Google Android, and other personal devices. Using Duo 2FA, whenever you log into a protected online account and give your password you are asked to confirm your identity via a unit that only you possess and that is accessed using a different ("out-of-band") network channel. A broad selection of devices can be used for this added form of ID validation including an iPhone or Android or watch, a hardware/software token, a landline phone, etc. You can designate multiple validation devices. For details about ProSight Duo two-factor identity validation services, go to Cisco Duo MFA two-factor authentication (2FA) services.
Progent's ProSight Network Audits offer a quick and affordable alternative for small and mid-size businesses to get an objective assessment of the overall health of their network. Powered by a selection of the top remote monitoring and management (RMM) tools in the industry, and supervised by Progent's world-class group of IT experts, ProSight Network Audits help you see how well the configuration of your essential infrastructure devices adhere to industry leading practices. The Basic and Advanced versions of ProSight Network Audit services are available at a low, one-time cost and provide immediate benefits like a cleaner Active Directory (AD) environment. Both versions also include a year of cutting-edge remote network monitoring and management. Benefits can include easier management, improved compliance with data security standards, higher utilization of IT assets, quicker troubleshooting, more reliable backup and restore, and increased uptime. Read more about Progent's ProSight Network Audits IT infrastructure review.
Progent's ProSight Ransomware Preparedness Report Service
The ProSight Ransomware Preparedness Report is an affordable service built around a brief interview with a Progent information assurance expert. The fact-finding interview is designed to evaluate your company's ability to block or recover quickly following an assault by a ransomware variant such as Ryuk, WannaCry, MongoLock, or Hermes. Progent will work with you personally to collect information about your existing AV defense and backup/recovery platform, and Progent will then deliver a custom Basic Security and Best Practices Report describing how you can follow industry best practices to deploy an efficient AV and backup environment that meets your company's needs. For additional information, refer to Progent's ProSight Ransomware Preparedness Report Service.
Contact Progent for Penetration Testing Consulting
To learn more about Progent's computer security help, call Progent at 800-993-9400 or see Contact Progent.
Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is intended to assist you to take the time-critical first step in responding to a ransomware attack by containing the malware. Progent's remote ransomware expert can assist businesses to identify and isolate infected servers and endpoints and guard undamaged resources from being penetrated. If your system has been breached by any strain of ransomware, don't panic. Get immediate help by calling Progent's Ransomware Hot Line at 800-462-8800. For details, see Progent's Ransomware 24x7 Hot Line.