Whether you’re looking for a straightforward and reliable vulnerability assessment to keep tabs on internal or external network vulnerabilities; a full wheels-up manual penetration test to give your network a thorough workout; or to validate the build of a newly launched system, Intertek NTA can tailor its testing to suit.
Quality, depth and accuracy of penetration tests can vary greatly between the different organisations providing these services – despite them holding the same accreditations. At Intertek NTA, we want our services, our reports and our people to be held in high regard by our clients, so we will not simply rely on automated, high level scanning from a commercial or freeware tool. Whilst our testing does incorporate the use of such tools, it is enhanced through the use of our own test engines and the experience, knowledge and ability of our people, providing a more manual and rounded penetration test.
Our range of tests, below, can be performed remotely or onsite, from a credentialed or non-credentialed perspective, once-off or regularly, and in combination with any of our services, to provide a depth and breadth of testing appropriate to the target system, data and perceived risk.
Application Security
Intertek NTA’s application tests frequently identify issues from the OWASP Top Ten list of most critical vulnerabilities, with advice then being provided on how to apply the most appropriate fix.
Networks
Regular network level testing reduces the likelihood of attackers being able to deface a web site, take control of a server, access the internal network, interrupt internet connectivity, or gain unauthorised access to corporate or other user’s sensitive data.
Remote Working/WFH
Remote & mobile access testing provides an examination of remote access systems, mail gateways and Mobile Device Management (MDM) solutions, testing for vulnerabilities within the configuration of the portals and authentication mechanisms.
Mobile Device Security Assessments
This test will establish the resilience of mobile devices, such as laptops, tablets and smartphones which connect to the client network, to withstand attack should they fall into the hands of unauthorized users, and the potential for valid users to abuse their privileges and access rights.
Wireless Network Security, Compliance, and Testing
The objective is to identify, test and audit any access points and management devices located within a physical site to establish if it is possible to gain unauthorized access to the network via these devices.
Telephony
A VoIP security test provides an assessment of the configuration and security of the system, and determines if the corporate voice and data networks have been appropriately segmented.
Workstation Security Solutions
A poorly configured desktop or laptop could allow an employee to deliberately or unwittingly bypass security settings or ignore security updates, leading to an otherwise avoidable security incident. A review from Intertek NTA will ensure that you have covered all the security bases.
Social Engineering
Regardless of the time and money spent on protecting your data with the latest security technology, it is the people and processes within an organisation that can often be the weakest link. Our external and onsite social engineering exercises will allow you to establish where the vulnerabilities lie and will highlight how improving your peoples’ reaction to such attempts will protect your information.
Website Build Review
A website build review provides a detailed assessment of the installation and configuration of a company’s systems. By choosing this type of focused assessment, you would ensure that systems have been built, configured and deployed against relevant industry or compliance standards.
Red Teaming & Cyber Security Services
Designed to give your organization an understanding of how well it would respond to a real cyber attack, Red Teaming is as close to a real-world hack as it gets.