CoNetrix Security is proud to introduce the launch of an updated Internal Penetration Test (IPT) Essentials service. IPT Essentials is a streamlined service designed to help organizations of all sizes identify and prioritize internal cybersecurity risks for organizations that do not yet need a full-scale internal penetration test.
With experience from thousands of IT audits, penetration tests, and security assessments, CoNetrix Security has developed IPT Essentials to meet the growing demand for internal threat analysis that is both effective and budget friendly.
"We know that every organization's security needs are different," said Ed McMurray, General Manager of CoNetrix Security. "IPT Essentials is our way of offering a right-sized solution that is accessible, affordable, and still delivers the critical insights teams need to protect against internal threats."
Two-Phase Testing for Focused Risk Mitigation Efforts
An Internal Penetration Test Essentials assessment from CoNetrix Security is performed in a two-phase approach. The vulnerability assessment phase begins with automated vulnerability scanning designed to quickly find weak links in an organization's internal controls. Internal networks are assessed for areas such as:
- Known vulnerabilities and exposures (CVEs)
- Missing patches and updates
- Common misconfigurations
- Outdated software
- Poor password and user account configurations
Based on the vulnerability assessment findings from phase 1, phase 2 involves a limited penetration test performed to identify weaknesses that could be leveraged in the early stages of an attack, including:
- Credential exposure in shared files and SYSVOL
- Weaknesses in Kerberos authentication
- Active Directory misconfigurations that allow privilege escalation
This two-phase assessment provides organizations with clear, actionable results by demonstrating how vulnerabilities could be exploited. Financial institutions and security-conscious organizations can use these insights to help prioritize the right security measures for reducing the risk of internal threats. The engagement provides high quality testing across the organization's entire network and internal systems due to the efficiency of the data-gathering in phase 1 as well as demonstrating how an attacker would exploit internal systems in phase 2.
To learn more about Internal Penetration Test Essentials or to request a quote, contact CoNetrix at [email protected].
About CoNetrix Security
CoNetrix Security specializes in providing information and cyber security services to banks, savings associations, credit unions, and trust companies. Our extensive experience in working with financial institutions through examinations and audits makes us uniquely qualified to provide these services. CoNetrix security specialists understand the technology and applications utilized in the financial industry as well as the regulatory requirements and guidance.
To learn more about what CoNetrix Security has to offer, visit https://conetrix.com/security.