Progent's Security Assessment Packages for Enterprise Networks
Progent offers three levels of set-price security assessment packages designed to provide larger enterprises an objective and thorough evaluation of their network security vulnerability. The assessments are performed by Progent's world-class team of certified security engineers using test procedures ranging from relatively friendly to aggressive. All three levels of security assessment include automated scans of services and ports from outside and inside your network firewall, manual analysis of web applications, manual checking of network configurations by a Cisco-certified CCIE engineer, interpretation of scan results by seasoned network security consultants, creation of a concise high-level summary and presentation of an interactive outbrief for your executives, plus a comprehensive technical report and extensive live outbrief for your IT staff. Progent's security engineers are available to help your IT staff with remediation support, and these services, if requested, are billed at Progent's standard consulting rates.
For Progent's standard security assessment packages, Progent's security engineers collect all information about your environment remotely and require temporary access to a computer inside your firewall for hosting a virtual machine from which to conduct internal testing. Progent also presents live, interactive outbriefs online rather than in person. Progent has found that by performing security assessments remotely rather than on site, the client saves money, experiences less disruption, gets faster results, and still receives a comprehensive and actionable security vulnerability evaluation. In situation that require onsite support, Progent can for an added fee provide a team of security engineers to perform testing and outbriefs at your location anywhere in the United States.
Deliverables of Progent's Security Assessment Packages
All levels of Progent's security vulnerability assessment services include deliverables in the form of written reports and interactive verbal presentations. These deliverables are designed to be informative and actionable so that corporate executives have a greater understanding of network security issues and in-house technical staff have a clear roadmap for mitigating any security vulnerabilities uncovered by Progent's assessment tests.
- Executive Report:
This summary document includes a statement of accomplishments, a security score card, a list of top outstanding issues, plus high-level guidance and recommendations for mitigation. The Executive Report is brief and is targeted to a technically unsophisticated audience interested mainly in the business implications of Progent's security findings.
- Executive Outbrief:
This verbal presentation provides an overview of your company's security posture and allows executives to interact with the senior engineer from Progent's security team responsible for managing the project. This is an opportunity for executives to drill down into the security issues associated with their network, clarify any questions they have about the observations and recommendations contained in Progent's Executive Report, and obtain a broader perspective of today's worldwide security environment.
- Technical Report:
This comprehensive security assessment document includes the rules of engagement, goals, testing methodology, findings, recommendations, risks, suggestions about how to move forward, and relevant raw data collected by Progent. This report is intended for technical personnel who can manage the remediation activity proposed by Progent, and the assessment document provides sufficient detail to allow competent network engineers to implement the recommended fixes without further assistance from Progent. Progent's network consultants are available to help with mitigation work at Progent's standard consulting rates.
- Technical Outbrief:
This in-depth technical presentation explains Progent's findings and recommendations to your IT staff. This presentation can last for up to two hours and allows your technical personnel to ask questions and discuss with Progent's security engineers the advantages or pitfalls of various mitigation alternatives and techniques.
Level 1 Package
With the Level 1 Security Assessment package, Progent's engineers look for security vulnerabilities and improperly configured software. Enumeration is accomplished by running external and internal scans of open ports and services. Progent also utilize both open and commercial tools to test web applications for common vulnerabilities such as blind SQL injection, XSS, command injection, unsafe CGIs, etc. Progent also performs a basic manual review of the web application.
Level 2 Package
The Level 2 package includes all Level 1 activity plus verification, exploitation, limited pivoting for expansion, and examination of trusted processes and relationships that may expose attack vectors. Progent also performs web application verification and exploitation, plus a more thorough manual review of web application logic.
Level 3 Package
The Level 3 package is the most aggressive and includes everything in Levels 1 and 2 plus phishing attacks, malicious email, social engineering, MITM attacks, leveraging compromised devices and pillaging them for sensitive data, and physical testing of controls where appropriate. Progent also tests the web application at every user level and extensively reviews web application logic. This service does not include an examination of web application source code.
Major Benefits of Progent's Security Assessment Packages for Enterprise Networks
Progent's Security Assessment Packages offer enterprises the advantages associated with a third-party consulting firm with world-class experience and know-how in evaluating the security and mitigating the vulnerabilities of large, sophisticated information networks and web applications. Key characteristics of Progent's security evaluation services include:
- Objective: Progent's security team offers you an unbiased and professional look at your security vulnerabilities
- Certified: Progent's security engineers have been awarded the top security certifications in the industry including Cisco CCIE, CISA, CISM, GIAC, and ISSAP
- Actionable: Progent's analyses and recommendations give you a solid blueprint for better protecting your network assets
- Effective: Knowledge of today's security environment and the latest hacking techniques allows Progent's seasoned security consultants to perform thorough testing and make sensible recommendations
- Budget Friendly: Progent's Security Assessment Packages are competitively priced and, because they are offered at a set fee, contain no surprises and are easy to budget for. If you utilize Progent to assist with remediation work, Progent's knowledge of your specific network environment will reduce the time required to implement and verify fixes, allowing you to keep IT service costs to a minimum.
Download the Enterprise Security Assessment Datasheet
To download a single-page printable datasheet describing Progent's three set-price Security Assessment service packages for enterprises, click:
Enterprise Security Assessment Packages
Additional Network Security Auditing Services Available from Progent
Progent offers a selection of additional security evaluation and enhancement services intended to test your network for security risks, validate your compliance with governmental or industry security requirements, and remediate potential weaknesses in your network protection:
- Small Business Security Inventory Evaluation Packages
Progent offers two Security Inventory evaluation packages for small businesses, the External Network Security Inventory and the Internal Network Security Inventory, which assess different aspects of network security vulnerability and which you can use separately or together. Both packages offer features designed to meet the needs of small businesses who want to take a more proactive role in making their networks safe from malicious assaults but who don't have the time or the budget to manage an exhaustive enterprise-class network security audit.
- Support for Horizon3.ai's NodeZero Pentest Platform
NodeZero from Horizon3.ai is a leading-edge penetration test (pentest) platform that supports repeated, concurrent, programmable assessment of your internal and perimeter network to help you find, prioritize, remediate, and confirm cybersecurity vulnerabilities before malicious hackers can take advantage of them. Progent offers the support of a NodeZero Certified Operator who can help you to use NodeZero to perform comprehensive penetration tests of your perimeter and your internal IT infrastructure in order to determine your present security posture. Progent's NodeZero experts can also help you to strengthen your network security and can help you to plan and deploy a unified cybersecurity ecosystem that streamlines management and delivers maximum protection for on-prem, cloud-based, and perimeter IT resources. To find out additional information about Progent's threat analysis solutions powered by on NodeZero's pentest products, visit Consulting Services for NodeZero's PEN Test Products.
- Unannounced Penetration Testing
Progent can perform in-depth network penetration testing without warning internal IT managers. Unannounced Security Testing uncovers whether existing network security monitoring tools like penetration detection alerts and event log tracking are correctly configured and consistently managed. Progent security engineers can use a number of hacker techniques to extend attack vectors to acquire an understanding of the entire network and detect how many internal devices can be connected to and exploited. This method of security testing can show the full extent of the security gaps of an IT environment.
- Network Security Evaluation Consulting
Progent's advanced network security assessment and compliance consulting support services can assist your company to validate your processes and policies and assess your network infrastructure to allow you to design the maximum degree of protection into your IT system. Progent's certified security consultants can also test your web business applications for security vulnerability and can perform company-wide security audits to confirm your adherence to major security standards including HIPAA, PCI, and ISO.
Contact Progent for Network Security Auditing
If you want more information concerning Progent's computer security inventory scanning packages, telephone Progent at 800-993-9400 or visit Contact Progent.
Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is designed to assist you to carry out the time-critical first step in mitigating a ransomware attack by containing the malware. Progent's remote ransomware engineer can help you to locate and quarantine infected servers and endpoints and guard clean assets from being penetrated. If your system has been breached by any version of ransomware, don't panic. Get help quickly by calling Progent's Ransomware Hot Line at 800-462-8800. For details, visit Progent's Ransomware 24x7 Hot Line.