Stealth penetration testing (PEN testing) is a key method for enabling companies to find out how exposed their IT systems are to cyber threats by showing how well their current security processes hold up against intentional but unannounced exploits by veteran cyber security experts using advanced hacking techniques. Progent can provide on-demand penetration testing or continual penetration testing delivered as a managed service.
Progent's network security experts can safely implement in-depth penetration testing without warning a client's IT staff. So-called Stealth PEN testing reveals whether your current security management mechanisms and processes like intrusion alerts and event log monitoring are properly configured and actively monitored.
Stealth PEN testing can include any or all of the following areas:
- Run a series of port scanning utilities to spot open network access vectors and to discover and profile a client's network infrastructure and overall security posture.
- Run a combination of threat recognition tools that test all open connection vectors against an extensive database of familiar security gaps resulting from servers that are not current on patches, outdated firmware/software, poorly configured servers and infrastructure devices, and default or common installation passwords.
- Assess WiFi network security by trying to gain local access from publicly accessible places including parking areas, hallways, restrooms, and physically attached floors. Identification of security techniques utilized by WiFi infrastructure and running familiar exploit tools to get access to the network.
- Attempt to determine remote connectivity features of the network and perform exploit and brute force attack methods to gain access via remote access gaps.
- Perform remote office security evaluation and testing, and determine whether remote sites can be used as a vector into the corporate network through VPNs or other private network infrastructure.
- Execute brute force account and password attacks based on a trove of over 40 million possible passwords.
- For resources penetrated, Progent security professionals will manually deploy assorted hacker tricks to expand identified vectors to develop an understanding of the complete network environment and see how many internal systems can be penetrated and compromised. This type of security testing can expose the actual extent of the vulnerability of a network environment.
- Determine internal and external network addressing configuration via email beaconing techniques.
- Launch various DoS attacks, coordinated with top network management to determinewhether it is possible to halt or hinder network operation. After proof of impact is recognized, such activity can be instantly stopped to avoid seriously impacting business productivity.
- Carry out PBX phone system remote access and voice mail security testing.
- Implement continuous autonomous penetration testing to discover and fingerprint your internal/external attack surface and to detect ways that vulnerabilities, improper configurations, harvested credentials, missing patches, and unsound product defaults can be chained together by hackers into the multi-vector attacks typical of the latest variants of ransomware.
Progent consultants can utilize social engineering techniques and public information to attempt customized password PEN testing using information such as the names of an employee's family members, date of birth, residential address, and phone number. Progent experts can commonly find this information through Internet search and public records. Progent can discover employee names/email addresses through publicly available information on the Internet, from PBX voice mail directories, public filings, marketing collateral and press releases, web sites, and receptionists.
Progent will provide a complete report of techniques utilized and vulnerabilities exposed during stealth PEN testing, along with a comprehensive list of suggested remediation steps. Progent can then cooperate with internal IT staff to carry out an audit and assessment of your in-place security defense, set up, utilities, and processes and help your business to design and implement a solid cyber security plan.
ProSight Fixed-price Managed Services for Information Assurance
Progent's affordable ProSight portfolio of outsourced network management services is intended to provide small and mid-size organizations with enterprise-class support and state-of-the-art technology for all facets of information assurance. ProSight managed services offered by Progent include:
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Recovery
ProSight Active Security Monitoring (ASM) is an endpoint protection (EPP) service that utilizes SentinelOne's cutting edge behavior-based analysis tools to guard endpoint devices as well as physical and virtual servers against modern malware attacks like ransomware and file-less exploits, which easily get by legacy signature-matching AV tools. ProSight ASM safeguards on-premises and cloud-based resources and provides a unified platform to automate the complete malware attack progression including filtering, identification, containment, remediation, and forensics. Key capabilities include single-click rollback with Windows Volume Shadow Copy Service (VSS) and automatic system-wide immunization against newly discovered threats. Progent is a SentinelOne Partner, dealer, and integrator. Learn more about Progent's ProSight Active Security Monitoring (ASM) endpoint protection and ransomware defense with SentinelOne technology.
- ProSight Enhanced Security Protection (ESP): Unified Endpoint Security
ProSight Enhanced Security Protection managed services deliver affordable multi-layer protection for physical servers and virtual machines, desktops, smartphones, and Exchange email. ProSight ESP uses adaptive security and advanced heuristics for continuously monitoring and reacting to cyber threats from all attack vectors. ProSight ESP provides firewall protection, penetration alarms, endpoint management, and web filtering through cutting-edge tools packaged within a single agent managed from a single console. Progent's data protection and virtualization consultants can assist your business to design and implement a ProSight ESP environment that meets your organization's specific needs and that allows you prove compliance with legal and industry information protection standards. Progent will help you define and configure security policies that ProSight ESP will enforce, and Progent will monitor your IT environment and react to alerts that call for immediate action. Progent can also help your company to set up and test a backup and disaster recovery system such as ProSight Data Protection Services so you can recover rapidly from a potentially disastrous cyber attack like ransomware. Learn more about Progent's ProSight Enhanced Security Protection unified endpoint security and Exchange email filtering.
- ProSight DPS: Managed Backup
Progent has partnered with advanced backup product companies to create ProSight Data Protection Services (DPS), a portfolio of subscription-based offerings that deliver backup-as-a-service (BaaS). All ProSight DPS services automate and track your backup processes and allow transparent backup and fast recovery of important files, applications, images, plus VMs. ProSight DPS lets you avoid data loss caused by equipment breakdown, natural calamities, fire, malware like ransomware, user error, malicious insiders, or application bugs. Managed services available in the ProSight Data Protection product line include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro Office 365 Backup), ProSight ECHO Backup based on Barracuda purpose-built hardware, and ProSight DPS MSP360 Cloud and On-prem Backup. Your Progent consultant can help you to identify which of these managed services are best suited for your network.
- ProSight Email Guard: Inbound and Outbound Spam Filtering, Data Leakage Protection and Email Encryption
ProSight Email Guard is Progent's email filtering and encryption platform that uses the technology of leading data security vendors to deliver web-based management and world-class security for your email traffic. The powerful architecture of Email Guard integrates cloud-based filtering with an on-premises gateway appliance to offer advanced defense against spam, viruses, Dos Attacks, DHAs, and other email-borne threats. The Cloud Protection Layer serves as a preliminary barricade and keeps most threats from making it to your security perimeter. This reduces your exposure to external attacks and saves system bandwidth and storage. Email Guard's on-premises gateway appliance adds a deeper level of analysis for inbound email. For outgoing email, the onsite security gateway offers AV and anti-spam protection, protection against data leaks, and email encryption. The local security gateway can also assist Microsoft Exchange Server to monitor and safeguard internal email traffic that stays inside your security perimeter. Find out more about Progent's ProSight Email Guard spam filtering, virus blocking, email content filtering and data loss prevention.
- ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
ProSight WAN Watch is an infrastructure management service that makes it easy and affordable for small and mid-sized organizations to map, track, optimize and debug their networking hardware like routers and switches, firewalls, and access points as well as servers, printers, endpoints and other devices. Using cutting-edge Remote Monitoring and Management technology, ProSight WAN Watch ensures that infrastructure topology diagrams are always updated, captures and manages the configuration information of virtually all devices connected to your network, monitors performance, and generates notices when issues are detected. By automating time-consuming network management activities, WAN Watch can cut hours off ordinary tasks such as making network diagrams, expanding your network, locating appliances that require critical updates, or resolving performance issues. Find out more details about ProSight WAN Watch network infrastructure management consulting.
- ProSight LAN Watch: Server and Desktop Monitoring and Management
ProSight LAN Watch is Progent's server and desktop remote monitoring managed service that incorporates state-of-the-art remote monitoring and management (RMM) techniques to keep your network operating efficiently by tracking the state of vital assets that drive your information system. When ProSight LAN Watch detects a problem, an alert is transmitted automatically to your designated IT management staff and your assigned Progent engineering consultant so all potential issues can be addressed before they have a chance to disrupt productivity Learn more about ProSight LAN Watch server and desktop monitoring services.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's Tier III Data Center
With Progent's ProSight Virtual Hosting service, a small or mid-size business can have its critical servers and apps hosted in a secure Tier III data center on a fast virtual machine host set up and maintained by Progent's network support experts. With Progent's ProSight Virtual Hosting service model, the client owns the data, the operating system platforms, and the applications. Because the environment is virtualized, it can be moved immediately to an alternate hardware solution without requiring a time-consuming and technically risky reinstallation procedure. With ProSight Virtual Hosting, you are not locked into a single hosting provider. Find out more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to create, update, retrieve and safeguard data related to your network infrastructure, procedures, applications, and services. You can instantly locate passwords or IP addresses and be warned about impending expirations of SSL certificates or warranties. By cleaning up and organizing your IT documentation, you can save as much as half of time wasted searching for vital information about your IT network. ProSight IT Asset Management includes a centralized location for storing and collaborating on all documents related to managing your network infrastructure such as recommended procedures and How-To's. ProSight IT Asset Management also supports a high level of automation for gathering and relating IT data. Whether you're planning enhancements, performing maintenance, or responding to a crisis, ProSight IT Asset Management gets you the data you need when you need it. Find out more about ProSight IT Asset Management service.
- Progent's Patch Management: Software/Firmware Update Management Services
Progent's support services for patch management offer businesses of all sizes a versatile and affordable solution for evaluating, validating, scheduling, applying, and tracking software and firmware updates to your dynamic information system. In addition to optimizing the protection and functionality of your IT network, Progent's software/firmware update management services permit your in-house IT staff to focus on more strategic projects and activities that derive the highest business value from your information network. Read more about Progent's patch management services.
- ProSight Duo Multi-Factor Authentication: Identity Validation, Endpoint Remediation, and Secure Single Sign-on
Progent's Duo authentication managed services utilize Cisco's Duo cloud technology to defend against password theft through the use of two-factor authentication. Duo supports single-tap identity confirmation with iOS, Android, and other personal devices. Using Duo 2FA, whenever you log into a protected online account and enter your password you are requested to confirm your identity on a unit that only you possess and that is accessed using a different ("out-of-band") network channel. A wide range of out-of-band devices can be utilized as this second means of authentication including an iPhone or Android or wearable, a hardware token, a landline phone, etc. You may register multiple verification devices. For details about Duo identity validation services, refer to Duo MFA two-factor authentication (2FA) services for access security.
ProSight Network Audits
Progent's ProSight Network Audits are a quick and affordable alternative for small and mid-size organizations to obtain an unbiased assessment of the overall health of their network. Based on a selection of the leading remote monitoring and management (RMM) platforms in the industry, and overseen by Progent's certified group of information technology experts, ProSight Network Audits help you see how closely the deployment of your core infrastructure devices conform to industry leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are offered at a low, one-time cost and deliver instant ROI like a more manageable Active Directory (AD) system. Both also come with one year of cutting-edge remote network monitoring and management. Advantages can include lower-cost management, improved compliance with government and industry security standards, more efficient utilization of IT resources, quicker problem resolution, more dependable backup and restore, and higher availability. Learn more information about Progent's ProSight Network Audits IT infrastructure review.
The ProSight Ransomware Preparedness Report
The ProSight Ransomware Preparedness Report is a low-cost service centered on a brief phone discussion with a Progent backup/recovery consultant. The fact-finding interview is intended to evaluate your organization's preparedness either to stop or recover quickly after an attack by a ransomware variant such as Ryuk, WannaCry, NotPetya, or Hermes. Progent will consult with you personally to gather information about your existing AV defense and backup platform, and Progent will then produce a written Basic Security and Best Practices Report describing how you can apply best practices to build a cost-effective security and backup system that aligns with your company's requirements. For details, refer to The ProSight Ransomware Preparedness Report Service.
Contact Progent for Penetration Testing Consulting
For more information about Progent's network security engineering help, telephone Progent at 800-993-9400 or visit Contact Progent.
Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is intended to guide you to carry out the urgent first phase in mitigating a ransomware assault by stopping the bleeding. Progent's online ransomware expert can help you to locate and isolate breached servers and endpoints and protect clean resources from being penetrated. If your network has been breached by any version of ransomware, act fast. Get immediate help by calling Progent's Ransomware Hot Line at 800-462-8800. For more information, visit Progent's Ransomware 24x7 Hot Line.