Stealth penetration testing (PEN testing) is a vital method for allowing organizations to determine how exposed their networks are to real world threats by showing how well corporate security processes, procedures and technologies hold up against authorized but unannounced attacks by veteran security specialists using advanced hacking techniques.
Progent's security experts can perform extensive in-depth penetration testing without the knowledge of internal IT resources. Such testing uncovers whether existing security monitoring tools such as intrusion detection alerts and event log monitoring are correctly set up and actively monitored.
Penetration testing can encompass any or all of the following areas:
- Running a series of port scanning tools to identify open network access vectors and to identify and characterize a customer's network environment and overall security level.
- Running a series of exploit identification tools that test all open access vectors against a large database of known vulnerabilities resulting from servers that are not up to date on security patches, out of date firmware/software, poorly configured servers and devices, and default or common installation passwords.
- Evaluation of wireless network security by attempting on-site access from publicly accessible locations including parking lots, hallways, bathrooms, and physically adjacent spaces or floors. Identification of security methods utilized by wireless infrastructure and running known exploit tools to gain access
- Attempt to determine remote access capabilities of network and perform exploit and brute force attack methods to gain access through remote access infrastructure.
- Perform remote office security evaluation and testing, and determine whether remote sites can be used as a vector into the corporate network through VPNs or other private network infrastructure.
- Performing brute force account and password attacks using a database of over 40 million possible passwords
- For devices and servers that are successfully penetrated, Progent security experts will manually use assorted hacker techniques to extend such exploit vectors to gain an understanding of the full network environment and see how many internal systems can be accessed and compromised. This type of security testing can expose the full scope of the vulnerability of a network environment.
- Determination of internal and external network addressing configuration through email beaconing techniques
- Performing various Denial of Service attacks, coordinated with internal senior management to determine whether it is possible to stop or hinder network productivity. Once proof of impact is reported, such testing can be immediately ceased to avoid impact to actual business productivity.
- Perform PBX remote access and voice mail security testing
For larger companies, Progent can perform anonymous physical security penetration testing, including attempts to gain unauthorized/unchecked access to physical premises by pretending to be authorized personnel, with proof of success from copying of confidential information and accessing internal network resources behind all perimeter firewalls.
Progent experts can use social engineering techniques and public information to attempt customized password penetration testing utilizing information such as employees' family member names, birthdates, home addresses, and phone numbers. Progent team members can often quickly uncover this information through Internet online search and public records. Progent can uncover employee names/email addresses through publicly accessible information on the Internet, from PBX voice mail directories, public records filings, marketing materials and press releases, web sites, and receptionist.
Progent will provide a complete report of methods used and vulnerabilities uncovered during stealth penetration testing, along with a detailed list of recommended remediation steps. Progent can then work with internal IT staff to perform an audit and evaluation of the actual security protection, configuration, tools, and processes and help your company develop a comprehensive security plan.
ProSight Low-Cost Managed Services for Information Assurance
Progent's affordable ProSight portfolio of outsourced network management services is designed to provide small and mid-size businesses with enterprise-class support and state-of-the-art technology for all facets of information assurance and compliance. Managed services available from Progent include:
- ProSight Active Security Monitoring (ASM): Endpoint Protection and Ransomware Recovery
ProSight Active Security Monitoring (ASM) is an endpoint protection (EPP) solution that incorporates SentinelOne's next generation behavior machine learning technology to defend endpoint devices as well as servers and VMs against modern malware attacks such as ransomware and file-less exploits, which routinely escape legacy signature-based anti-virus products. ProSight ASM protects local and cloud resources and provides a unified platform to automate the entire threat lifecycle including filtering, detection, mitigation, remediation, and forensics. Key features include one-click rollback with Windows Volume Shadow Copy Service (VSS) and real-time network-wide immunization against newly discovered attacks. Progent is a SentinelOne Partner, reseller, and integrator. Learn more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware recovery with SentinelOne technology.
- ProSight Enhanced Security Protection: Unified Physical and Virtual Endpoint Security
Progent's ProSight Enhanced Security Protection managed services deliver economical multi-layer protection for physical servers and VMs, desktops, smartphones, and Exchange email. ProSight ESP uses adaptive security and modern behavior analysis for continuously monitoring and reacting to cyber threats from all vectors. ProSight ESP delivers firewall protection, penetration alerts, device management, and web filtering via cutting-edge technologies incorporated within one agent accessible from a single console. Progent's data protection and virtualization consultants can assist you to plan and implement a ProSight ESP environment that meets your company's specific requirements and that allows you achieve and demonstrate compliance with government and industry information protection standards. Progent will help you define and implement policies that ProSight ESP will manage, and Progent will monitor your IT environment and respond to alerts that require immediate attention. Progent can also assist you to set up and test a backup and restore solution like ProSight Data Protection Services so you can recover rapidly from a potentially disastrous cyber attack such as ransomware. Learn more about Progent's ProSight Enhanced Security Protection (ESP) unified physical and virtual endpoint protection and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup
Progent has worked with advanced backup technology vendors to produce ProSight Data Protection Services, a portfolio of offerings that deliver backup-as-a-service (BaaS). All ProSight DPS products manage and monitor your backup operations and enable transparent backup and rapid restoration of vital files, apps, images, and Hyper-V and VMware virtual machines. ProSight DPS lets you avoid data loss resulting from equipment failures, natural calamities, fire, malware like ransomware, user error, malicious insiders, or software bugs. Managed services available in the ProSight DPS portfolio include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro Office 365 Backup), ProSight ECHO Backup based on Barracuda dedicated hardware, and ProSight DPS MSP360 Hybrid Backup. Your Progent expert can assist you to identify which of these fully managed backup services are best suited for your network.
- ProSight Email Guard: Spam Filtering, Data Leakage Protection and Email Encryption
ProSight Email Guard is Progent's email security solution that incorporates the services and infrastructure of leading information security companies to deliver centralized control and comprehensive protection for all your email traffic. The hybrid structure of Progent's Email Guard managed service integrates a Cloud Protection Layer with a local gateway appliance to offer complete defense against spam, viruses, Denial of Service Attacks, DHAs, and other email-based malware. The Cloud Protection Layer acts as a preliminary barricade and blocks the vast majority of threats from making it to your network firewall. This reduces your vulnerability to external threats and conserves system bandwidth and storage space. Email Guard's on-premises security gateway appliance adds a further level of analysis for incoming email. For outbound email, the local gateway offers AV and anti-spam filtering, policy-based Data Loss Prevention, and encryption. The on-premises gateway can also help Exchange Server to monitor and safeguard internal email traffic that stays within your corporate firewall. Find out more about Progent's ProSight Email Guard spam filtering, virus blocking, content filtering and data leakage prevention.
- ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
Progent's ProSight WAN Watch is a network infrastructure management service that makes it simple and inexpensive for small and mid-sized businesses to map out, track, reconfigure and debug their networking hardware like routers, firewalls, and load balancers plus servers, endpoints and other networked devices. Using cutting-edge Remote Monitoring and Management (RMM) technology, ProSight WAN Watch makes sure that infrastructure topology maps are always updated, copies and manages the configuration of almost all devices on your network, tracks performance, and generates notices when potential issues are detected. By automating time-consuming network management activities, ProSight WAN Watch can cut hours off ordinary chores like network mapping, reconfiguring your network, finding devices that need important software patches, or resolving performance bottlenecks. Learn more details about ProSight WAN Watch infrastructure management services.
- ProSight LAN Watch: Server and Desktop Remote Monitoring and Management
ProSight LAN Watch is Progent's server and desktop remote monitoring managed service that incorporates advanced remote monitoring and management techniques to keep your network running at peak levels by tracking the state of critical computers that power your information system. When ProSight LAN Watch uncovers a problem, an alert is transmitted automatically to your designated IT management staff and your assigned Progent consultant so that any looming issues can be addressed before they have a chance to disrupt productivity Learn more details about ProSight LAN Watch server and desktop monitoring consulting.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's World-class Data Center
With ProSight Virtual Hosting service, a small organization can have its critical servers and apps hosted in a secure Tier III data center on a fast virtual machine host set up and managed by Progent's network support professionals. Under the ProSight Virtual Hosting model, the customer retains ownership of the data, the operating system software, and the applications. Since the environment is virtualized, it can be moved immediately to an alternate hosting environment without requiring a time-consuming and technically risky reinstallation process. With ProSight Virtual Hosting, your business is not tied one hosting service. Learn more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that makes it easy to create, update, find and protect data related to your network infrastructure, procedures, business apps, and services. You can instantly find passwords or serial numbers and be alerted about impending expirations of SSL certificates or warranties. By cleaning up and managing your network documentation, you can save as much as 50% of time wasted searching for vital information about your network. ProSight IT Asset Management features a common repository for storing and collaborating on all documents required for managing your network infrastructure like standard operating procedures and How-To's. ProSight IT Asset Management also supports advanced automation for gathering and relating IT information. Whether you're making improvements, doing regular maintenance, or responding to a crisis, ProSight IT Asset Management gets you the data you require the instant you need it. Find out more details about Progent's ProSight IT Asset Management service.
- Patch Management: Software/Firmware Update Management Services
Progent's managed services for software and firmware patch management provide businesses of any size a versatile and affordable alternative for assessing, validating, scheduling, implementing, and tracking updates to your ever-evolving IT network. Besides optimizing the security and functionality of your IT environment, Progent's software/firmware update management services free up time for your in-house IT team to concentrate on line-of-business projects and tasks that deliver the highest business value from your information network. Learn more about Progent's patch management support services.
- ProSight Duo Two-Factor Authentication: Access Security, Endpoint Policy Enforcement, and Secure Single Sign-on
Progent's Duo authentication services utilize Cisco's Duo technology to protect against stolen passwords through the use of two-factor authentication (2FA). Duo enables single-tap identity verification on Apple iOS, Android, and other personal devices. Using Duo 2FA, when you log into a protected application and enter your password you are requested to verify who you are via a device that only you have and that uses a different network channel. A broad selection of out-of-band devices can be used as this second form of authentication including an iPhone or Android or wearable, a hardware/software token, a landline phone, etc. You can register multiple verification devices. To find out more about Duo identity validation services, visit Duo MFA two-factor authentication (2FA) services for access security.
ProSight Network Audits
Progent's ProSight Network Audits offer a fast and low-cost alternative for small and mid-size businesses to get an unbiased assessment of the overall health of their network. Based on a selection of the leading remote monitoring and management (RMM) platforms available, and supervised by Progent's world-class team of information technology professionals, ProSight Network Audits show you how closely the deployment of your core network devices adhere to industry best practices. Both the Basic and Advanced options for ProSight Network Audit services are offered at a low, one-time cost and provide immediate ROI like a cleaner Active Directory (AD) system. Both also come with a year of cutting-edge remote network monitoring and management. Benefits can include easier network management, better compliance with data security standards, more efficient utilization of IT assets, faster problem resolution, more dependable backup and recovery, and less downtime. See more about ProSight Network Audits IT infrastructure review.
The ProSight Ransomware Preparedness Report Service
The ProSight Ransomware Preparedness Report service is an affordable service centered on a phone interview with a Progent information assurance consultant. The interview is intended to help assess your company's preparedness either to block or recover rapidly after an attack by a ransomware variant like Ryuk, WannaCry, MongoLock, or Hermes. Progent will work with you directly to collect information about your existing security profile and backup system, and Progent will then deliver a custom Basic Security and Best Practices Report detailing how you can apply best practices to deploy a cost-effective AV and backup/recovery system that meets your business requirements. For details, see The ProSight Ransomware Preparedness Report.
Contact Progent for Penetration Testing Consulting
If you're trying to find computer security support services, telephone Progent at 800-993-9400 or see Contact Progent.
Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is designed to guide you to complete the urgent first step in responding to a ransomware assault by putting out the fire. Progent's online ransomware engineer can help businesses to locate and isolate infected devices and guard clean assets from being penetrated. If your system has been breached by any version of ransomware, don't panic. Get immediate help by calling Progent's Ransomware Hot Line at 800-462-8800. For more information, visit Progent's Ransomware 24x7 Hot Line.