Stealth penetration testing (PEN testing) is a key means of enabling organizations to find out how exposed their IT systems are to cyber threats by showing how successfully their corporate security processes hold up against intentional but unannounced exploits by veteran cyber security experts using the latest hacking tools and techniques. Progent can provide one-time PEN testing or continual penetration testing delivered as a remote management service.
Progent's network security experts can safely implement thorough penetration testing without warning internal IT staff. So-called Stealth PEN testing uncovers whether existing security management tools and procedures such as intrusion alerts and event log monitoring are correctly configured and actively monitored.
Penetration testing can include any of the following areas:
- Use a combination of port scanning utilities to identify open network access vectors and to discover and profile a customer's network environment and overall security level.
- Deploy a series of threat recognition tools that examine all open connection vectors against a large database of known security gaps caused by servers that are not up to date on security patches, outdated firmware/software, poorly configured servers and infrastructure devices, and default or obvious passwords.
- Evaluate wireless network security by attempting on-site access from publicly accessible locations such as parking lots, hallways, restrooms, and physically adjacent spaces. Identification of security techniques used by WiFi networks and running known exploit utilities to gain access to the network.
- Try to determine remote connectivity features of the network and perform exploit and brute force techniques to get access through remote access infrastructure.
- Perform remote office security evaluation and testing, and determine whether remote sites can be used as a vector into the corporate network through VPNs or other private network infrastructure.
- Perform brute force account and password attacks using a trove of more than 40 million possible passwords.
- For resources penetrated, Progent cybersecurity professionals will manually use assorted hacker techniques to broaden identified vectors to develop a picture of the full network environment and see how many internal systems can be accessed and exploited. This class of security testing can reveal the real scope of the vulnerability of a network environment.
- Understand internal and external network addressing configuration via email beaconing techniques.
- Perform a variety of Denial of Service attacks, in concert with top network management to determineif it is possible to halt or hinder network operation. After proof of impact is recognized, such testing can be instantly ceased to avoid seriously affecting business productivity.
- Carry out PBX phone system remote access and voice mail security assessment.
- Implement continuous automatic PEN testing to map your internal/external attack surface and to detect ways that vulnerabilities, improper configurations, compromised credentials, overlooked patches, and unsound IT product defaults can be combined by hackers into the multi-front attacks typical of modern strains of ransomware.
Progent consultants can use social engineering techniques and public information to attempt customized password penetration testing based on information like the names of an employee's family members, date of birth, home address, and phone number. Progent experts can commonly find this data via Internet online search and public records. Progent can uncover employee names/email addresses via publicly accessible data on the Internet, from PBX voice mail listings, public filings, marketing materials and press releases, web sites, and office receptionists.
Progent will provide a full report of techniques utilized and vulnerabilities exposed during stealth PEN testing, along with a comprehensive list of recommended remediation steps. Progent can then work with internal IT team members to perform an audit and assessment of your in-place security protection, configuration, tools, and processes and assist your business to design and implement a comprehensive cyber security plan.
ProSight Flat-rate Managed Services for Information Assurance
Progent's low-cost ProSight series of outsourced network management services is designed to provide small and mid-size organizations with enterprise-class support and state-of-the-art technology for all aspects of information assurance. Managed services available from Progent include:
- ProSight Active Security Monitoring (ASM): Next Generation Endpoint Protection and Ransomware Recovery
Progent's ProSight Active Security Monitoring (ASM) is an endpoint protection service that utilizes SentinelOne's cutting edge behavior-based machine learning tools to defend endpoint devices and servers and VMs against modern malware attacks such as ransomware and file-less exploits, which routinely escape traditional signature-matching anti-virus products. ProSight ASM protects local and cloud-based resources and offers a unified platform to address the complete malware attack progression including protection, detection, containment, remediation, and forensics. Key features include one-click rollback with Windows VSS and real-time system-wide immunization against newly discovered attacks. Progent is a SentinelOne Partner, dealer, and integrator. Learn more about Progent's ProSight Active Security Monitoring (ASM) next-generation endpoint protection and ransomware recovery with SentinelOne technology.
- ProSight Enhanced Security Protection (ESP): Unified Physical and Virtual Endpoint Protection
Progent's ProSight Enhanced Security Protection (ESP) services offer affordable in-depth security for physical servers and virtual machines, workstations, smartphones, and Exchange Server. ProSight ESP uses adaptive security and advanced heuristics for continuously monitoring and reacting to cyber assaults from all vectors. ProSight ESP provides two-way firewall protection, intrusion alerts, device control, and web filtering through leading-edge tools incorporated within one agent managed from a unified control. Progent's data protection and virtualization experts can help your business to plan and configure a ProSight ESP deployment that addresses your company's specific needs and that helps you demonstrate compliance with legal and industry information protection standards. Progent will help you define and configure policies that ProSight ESP will manage, and Progent will monitor your network and react to alerts that call for immediate attention. Progent's consultants can also help you to set up and verify a backup and disaster recovery system such as ProSight Data Protection Services (DPS) so you can recover rapidly from a potentially disastrous cyber attack such as ransomware. Learn more about Progent's ProSight Enhanced Security Protection (ESP) unified endpoint protection and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Recovery
Progent has partnered with advanced backup/restore technology vendors to produce ProSight Data Protection Services, a selection of management offerings that provide backup-as-a-service. All ProSight DPS services manage and track your data backup operations and enable non-disruptive backup and fast recovery of vital files/folders, applications, images, and Hyper-V and VMware virtual machines. ProSight DPS helps your business avoid data loss caused by hardware breakdown, natural disasters, fire, malware such as ransomware, user error, malicious insiders, or software bugs. Managed services available in the ProSight DPS selection include ProSight Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro Office 365 Backup), ProSight ECHO Backup based on Barracuda purpose-built hardware, and ProSight MSP360 Cloud and On-prem Backup. Your Progent consultant can assist you to identify which of these fully managed services are most appropriate for your network.
- ProSight Email Guard: Inbound and Outbound Spam Filtering, Data Leakage Protection and Email Encryption
ProSight Email Guard is Progent's email filtering and encryption solution that uses the technology of top data security companies to deliver web-based management and world-class security for all your inbound and outbound email. The hybrid structure of Progent's Email Guard combines cloud-based filtering with a local gateway device to offer advanced defense against spam, viruses, Dos Attacks, Directory Harvest Attacks, and other email-based malware. Email Guard's cloud filter acts as a first line of defense and blocks most threats from reaching your network firewall. This decreases your vulnerability to inbound attacks and saves system bandwidth and storage space. Email Guard's on-premises gateway appliance adds a further layer of analysis for incoming email. For outgoing email, the local gateway offers anti-virus and anti-spam protection, policy-based Data Loss Prevention, and encryption. The local security gateway can also assist Exchange Server to monitor and protect internal email traffic that stays within your security perimeter. Learn more about Progent's ProSight Email Guard spam filtering, virus defense, email content filtering and data loss protection.
- ProSight WAN Watch: Network Infrastructure Management
ProSight WAN Watch is a network infrastructure monitoring and management service that makes it easy and affordable for smaller organizations to map out, monitor, optimize and troubleshoot their networking hardware such as switches, firewalls, and wireless controllers as well as servers, printers, client computers and other networked devices. Using cutting-edge Remote Monitoring and Management technology, ProSight WAN Watch ensures that network diagrams are always current, captures and manages the configuration information of almost all devices on your network, monitors performance, and generates alerts when issues are detected. By automating complex network management activities, WAN Watch can cut hours off ordinary tasks such as network mapping, reconfiguring your network, finding devices that require important updates, or isolating performance problems. Find out more about ProSight WAN Watch network infrastructure monitoring and management consulting.
- ProSight LAN Watch: Server and Desktop Monitoring
ProSight LAN Watch is Progent's server and desktop monitoring service that uses state-of-the-art remote monitoring and management (RMM) techniques to keep your network operating efficiently by tracking the state of vital computers that drive your business network. When ProSight LAN Watch detects an issue, an alarm is transmitted automatically to your designated IT management staff and your assigned Progent engineering consultant so that any potential problems can be resolved before they have a chance to disrupt your network Learn more details about ProSight LAN Watch server and desktop monitoring consulting.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's Tier III Data Center
With Progent's ProSight Virtual Hosting service, a small business can have its key servers and apps hosted in a secure Tier III data center on a fast virtual machine host set up and managed by Progent's IT support experts. Under the ProSight Virtual Hosting service model, the client owns the data, the OS software, and the apps. Because the environment is virtualized, it can be moved easily to a different hosting environment without a lengthy and difficult configuration process. With ProSight Virtual Hosting, you are not locked into a single hosting service. Learn more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that makes it easy to capture, maintain, find and protect information related to your network infrastructure, procedures, business apps, and services. You can quickly find passwords or serial numbers and be warned about impending expirations of SSLs or domains. By cleaning up and organizing your IT infrastructure documentation, you can eliminate as much as half of time spent searching for critical information about your IT network. ProSight IT Asset Management features a centralized repository for storing and collaborating on all documents required for managing your network infrastructure like standard operating procedures and self-service instructions. ProSight IT Asset Management also offers advanced automation for gathering and relating IT data. Whether you're making improvements, doing regular maintenance, or responding to an emergency, ProSight IT Asset Management delivers the knowledge you need the instant you need it. Learn more details about Progent's ProSight IT Asset Management service.
- Patch Management: Software/Firmware Update Management Services
Progent's support services for patch management provide businesses of all sizes a versatile and affordable alternative for assessing, validating, scheduling, applying, and tracking software and firmware updates to your dynamic information network. Besides optimizing the protection and reliability of your computer network, Progent's software/firmware update management services allow your in-house IT staff to focus on line-of-business projects and tasks that derive maximum business value from your network. Learn more about Progent's software/firmware update management services.
- ProSight Duo Two-Factor Authentication: Identity Validation, Endpoint Policy Enforcement, and Protected Single Sign-on (SSO)
Progent's Duo authentication services utilize Cisco's Duo technology to protect against stolen passwords through the use of two-factor authentication (2FA). Duo supports one-tap identity confirmation on Apple iOS, Android, and other personal devices. Using 2FA, whenever you log into a protected online account and enter your password you are asked to confirm who you are via a device that only you possess and that uses a separate network channel. A broad selection of devices can be utilized for this second means of authentication including an iPhone or Android or wearable, a hardware token, a landline telephone, etc. You can register several verification devices. For more information about Duo two-factor identity authentication services, visit Duo MFA two-factor authentication (2FA) services.
ProSight Network Audits
Progent's ProSight Network Audits offer a fast and low-cost alternative for small and mid-size organizations to get an unbiased evaluation of the health of their information system. Powered by a selection of the top remote monitoring and management platforms available, and overseen by Progent's world-class group of information technology experts, ProSight Network Audits show you how closely the deployment of your essential network devices conform to leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are offered at a budget-friendly, one-time cost and deliver immediate benefits like a more manageable Active Directory environment. Both versions also include one year of cutting-edge remote network monitoring and management (RMM). Advantages can include simpler network management, better compliance with data security standards, more efficient utilization of network resources, faster troubleshooting, more reliable backup and recovery, and less downtime. Learn more about ProSight Network Audits network infrastructure review.
Progent's ProSight Ransomware Preparedness Report Service
Progent's ProSight Ransomware Preparedness Report is an affordable service built around a brief phone discussion with a Progent information assurance consultant. The fact-finding interview is designed to help evaluate your organization's preparedness either to block or recover quickly after an attack by a ransomware strain like Ryuk, WannaCry, MongoLock, or Hermes. Progent will work with you directly to gather information about your current AV defense and backup/recovery platform, and Progent will then produce a custom Basic Security and Best Practices Report describing how you can apply industry best practices to create a cost-effective AV and backup system that aligns with your business requirements. For details, see Progent's ProSight Ransomware Preparedness Report Service.
Contact Progent for Penetration Testing Consulting
For more information about Progent's security help, telephone Progent at 800-993-9400 or go to Contact Progent.
Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is designed to assist organizations to take the time-critical first phase in mitigating a ransomware attack by containing the malware. Progent's remote ransomware engineer can assist you to locate and quarantine breached devices and guard clean assets from being penetrated. If your network has been penetrated by any strain of ransomware, don't panic. Get help quickly by calling Progent's Ransomware Hot Line at 800-462-8800. For details, visit Progent's Ransomware 24x7 Hot Line.